Report - claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf

Report Overview

Submitted URL
claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
IP
82.180.135.221
ASN
#0
Submitted
2022-09-18 16:28:01
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
claudiodauelsberg.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.7 kB	172 kB	82.180.135.221
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.39.57.61
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	700 B	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	1.6 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.css?ver=00002	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.0	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=5.7.6	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.js	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.0	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.0	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.0	Phishing
2022-09-18	medium	claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	claudiodauelsberg.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-24
Pretty URL claudiodauelsberg.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 22:40:37 Times Seen31821 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.0	9.5 kB	2023-03-07	2024-04-23
Pretty URL claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.0 IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-23 19:01:03 Times Seen2817 Hash 87c54edf7dad7dfdfde015f6eee45ff1 96ec1a06ea3093c47e1e2fc4444ada7f4456135d ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da Loading...

	claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf	135 B	2023-03-07	2024-04-24
Pretty URL claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-24 21:40:59 Times Seen26586 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	claudiodauelsberg.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL claudiodauelsberg.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 01:37:46 Times Seen68606 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.js	105 kB	2023-03-07	2023-03-07
Pretty URL claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.js IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:06:17 Last Seen2023-03-07 18:06:17 Times Seen1 Hash 0524b7593b0f8ae07c0a8e2c525f564c 053b6ca751dfbb943f871d343e351aa8ad15a84d 77d7ac65d16cb337c8e62658f5d7b1f3d17f23448285998206f0530a0644dd8e Loading...

	claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf	152 B	2023-03-07	2024-04-24
Pretty URL claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-24 21:26:45 Times Seen19904 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.0	1.8 kB	2023-03-07	2024-04-24
Pretty URL claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.0 IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-24 20:13:16 Times Seen21592 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.0	2.1 kB	2023-03-07	2024-04-24
Pretty URL claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.0 IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-24 20:13:16 Times Seen22390 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf	294 B	2023-03-07	2023-03-07
Pretty URL claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:06:17 Last Seen2023-03-07 18:06:17 Times Seen1 Hash e9295b66ff20300ac0eafdd7bad3e82c e45382c41b0e8b2cbcdf8847e893b7d22a4d1b8c d12e31445666a180beeb6e8f23c819ddfe9a2ae56bc41fd8cb653b91cf946a91 Loading...

	claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.0	2.9 kB	2023-03-07	2024-04-24
Pretty URL claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.0 IP 82.180.135.221 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-24 20:13:16 Times Seen13972 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

HTTP Transactions (35)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 16:12:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fkahYby3HPHDe-hFBOyLKuG4Dd-eqHhHAJxsa1VL0g0GkXv8vwop-Q==
Age: 931

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7778
Expires: Sun, 18 Sep 2022 18:37:28 GMT
Date: Sun, 18 Sep 2022 16:27:50 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: he3C1msrGF3MI_soZ4L-00kIH1xpJptx7XlrikKluyLbiryzznvcHg==
age: 46627
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf

82.180.135.221

301 Moved Permanently

707 B

URL HTTP/1.1
claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
IP
82.180.135.221:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 18 Sep 2022 16:27:50 GMT
server: LiteSpeed
location: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
platform: hostinger
content-security-policy: upgrade-insecure-requests

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 16:27:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 16:03:22 GMT
Expires: Sun, 18 Sep 2022 16:05:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rQuW6iTVT6E5NPKHbppn_QtIuu0sDWlpPiFGS7p3V_xX3XAPt6eFdg==
Age: 1469

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3028
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 16:27:51 GMT
Last-Modified: Sun, 18 Sep 2022 15:37:23 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.39.57.61

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.57.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 25IKsk7YyFYzZ3Vy/vBRWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lAG2of4ZS4iwZ+8v3wduMVQvO/s=

claudiodauelsberg.com.br/wp-content/themes/claudiotheme/assets/fonts/stylesheet.css

82.180.135.221

200 OK

170 B

URL HTTP/2
claudiodauelsberg.com.br/wp-content/themes/claudiotheme/assets/fonts/stylesheet.css
IP
82.180.135.221:0
ASN
#0

File type
ASCII text
Size
170 B (170 bytes)
Hash
2e9a189a3d37a448e0724a15f0d903d1
a2bcbbd3dc7dc5bb25866eec774896122403e303
01bd7714317b0f2c7038b861e5f535c0e132068764bd0c4f49e1c706a79d602b

HTTP Headers

GET /wp-content/themes/claudiotheme/assets/fonts/stylesheet.css HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 19:56:49 GMT
etag: "2ff-63110e81-4fdada2605147108;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 170
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.css?ver=00002

82.180.135.221

200 OK

4.2 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.css?ver=00002
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (22281)
Size
4.2 kB (4197 bytes)
Hash
2b0ba854587f09a2329d1275bd42bf05
0d24aca9e3f2a1513931053e8cc7d24f871b545f
469a4ed9d7414941fad64ccdcaee805d8c6637a4272f7b4bcc80a9a46f7d6ef7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/claudiotheme/dist/main.css?ver=00002 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 19:56:55 GMT
etag: "570a-63110e87-efe550c674b9f6af;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4197
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

82.180.135.221

200 OK

11 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (43771)
Size
11 kB (10703 bytes)
Hash
3314a848319230ac733421112382eec5
98a167f06a0aa192b28891f8abbb13045a59cb93
491c2c2340db0cace5815f2434013e7fecb5bd9b1d9a721811603d7aaa485fbd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 22:02:02 GMT
etag: "15b64-63069fda-838ddbc726d4b0cd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10703
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3

82.180.135.221

200 OK

1.1 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (4933), with no line terminators
Size
1.1 kB (1106 bytes)
Hash
8227d1018451f5f2b5d556517e3a9c1c
c7d4c64a5aba47ac3a2445b5590efd664dbc381c
b6b0b48882efd9ff0a0364874578c4c1d507b6189cca80985b698239a924c663

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 20:34:39 GMT
etag: "1345-63068b5f-41b9862952ab45e9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1106
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3

82.180.135.221

200 OK

20 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3
IP
82.180.135.221:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
20 kB (19962 bytes)
Hash
6d8725a48535346f243e5c857b5bd771
3323c0b3f634b0c343da931f533239939d762d06
30fa8623d5e447c1abd541f4577de0b4d9c1a6367433f6297a229eec818bd4e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 20:34:44 GMT
etag: "33162-63068b64-a5ffa0d633871092;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19962
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.5.0

82.180.135.221

200 OK

2.3 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.5.0
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (17809), with no line terminators
Size
2.3 kB (2323 bytes)
Hash
8bf01dd7b03621146c2555c34f687ac0
0f0b791d93fd20bf53248e8dc47ec8017767b26c
240a3bf4047194a33f1680f6db5bdbe53ce230fefc2613c603b4d9362432ced2

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.5.0 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 20:20:10 GMT
etag: "4591-630687fa-cc232619ae256764;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2323
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.0

82.180.135.221

200 OK

8.3 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.0
IP
82.180.135.221:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Size
8.3 kB (8306 bytes)
Hash
5a6308aa940200bf5a1a89794c547b67
e2023afb87b892b514e902cbe66200afe5149454
9b965a1bb5129d0905b2b72cef2fb050de879c8aa1e3a417ba8bcd8721d3879c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.0 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 20:19:51 GMT
etag: "f523-630687e7-237b7056857637d6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8306
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=5.7.6

82.180.135.221

200 OK

317 B

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=5.7.6
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (767), with no line terminators
Size
317 B (317 bytes)
Hash
f534738800e8035e845ad0b66315d0dc
edae8988ac68ecb38d815112cc7488917298b7a4
f128acc34a99e615497f7613c21e09dd5ed5b9dd8fb7fd2c525ac99b9b649dc5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=5.7.6 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 20:14:24 GMT
etag: "2ff-630686a0-3fb223dceffe18f2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 317
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 16:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Lato&display=swap

142.250.74.10

200 OK

811 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
811 B (811 bytes)
Hash
8ef07f9bd700b4a6c7c076641e640b81
70d807e7a8315c295f0639b71ffcf57e4d30ce24
0bbdbbee836f29bb4c9da3e0964df5a2ee5cde12f99eb9420c0e89b84c4a6c52

HTTP Headers

GET /css2?family=Lato&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 16:27:52 GMT
date: Sun, 18 Sep 2022 16:27:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

82.180.135.221

200 OK

30 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (65447)
Size
30 kB (30027 bytes)
Hash
63373db5c13254717674a1af4cd88aa2
21a1962ab8597d9066640a7157a41370341ff0cf
d883f77be0299ddb715175908b03076554287b13f87570369fb58adeade16891

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Aug 2022 21:59:58 GMT
etag: "15db1-63069f5e-4a7ff1bfbf64bca7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30027
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

82.180.135.221

200 OK

4.0 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3984 bytes)
Hash
4116c2be947ecf205a0c7fc117ca55f0
0cd8efc9fe349d67a86b49d1e5582a9b21d05add
6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Aug 2022 22:00:00 GMT
etag: "2bd8-63069f60-e64fca440f7639fb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.js

82.180.135.221

200 OK

39 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.js
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (65474)
Size
39 kB (39315 bytes)
Hash
4c23e300403676ca79b9c56516b67fe7
62e93a9744c829f4a8b0711cb363ad69e11c9901
4a8993ca15e2c7b4bfb9f166990804e979230f4045b1a0b077661c141318bd3e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/claudiotheme/dist/main.js HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Sep 2022 19:56:56 GMT
etag: "19909-63110e88-dcacd940046d61d1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 39315
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.0

82.180.135.221

200 OK

3.2 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.0
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (9139)
Size
3.2 kB (3242 bytes)
Hash
2334040ad30a3a3cc5055ad8643b2e10
6a6ff9799ad8cac3502e2189a02ed74ca02ff4a3
08acb85d899a61171f9c6721e41ed8022d7aa4f6cc1aab9c7c39fe55cdd18960

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.0 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Aug 2022 20:36:25 GMT
etag: "253d-63068bc9-6a0c1f08801150a8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3242
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.0

82.180.135.221

200 OK

899 B

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.0
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (1668)
Size
899 B (899 bytes)
Hash
22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.0 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Aug 2022 20:37:35 GMT
etag: "72a-63068c0f-2061e9bedc84ad86;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.0

82.180.135.221

200 OK

677 B

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.0
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (2139), with no line terminators
Size
677 B (677 bytes)
Hash
a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.0 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Aug 2022 20:36:28 GMT
etag: "85b-63068bcc-a996a597cee2ffea;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.0

82.180.135.221

200 OK

935 B

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.0
IP
82.180.135.221:0
ASN
#0

File type
ASCII text, with very long lines (2938), with no line terminators
Size
935 B (935 bytes)
Hash
ff0db23445ccd7328c7f10de152fb16b
ff94beb84c601febafb3b51e4f054f920ffb75fc
91034f25ae6d0e9f62eb1407e288f5b37140ad5ce9cd0d1d77d79e63d45882e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.0 HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Aug 2022 20:36:35 GMT
etag: "b7a-63068bd3-2565b0ec50ab1fec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 935
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/themes/claudiotheme/assets/bandeiras/mercado-pago.png

82.180.135.221

200 OK

36 kB

URL HTTP/2
claudiodauelsberg.com.br/wp-content/themes/claudiotheme/assets/bandeiras/mercado-pago.png
IP
82.180.135.221:0
ASN
#0

File type
PNG image data, 376 x 119, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (36373 bytes)
Hash
f24426077571f222e53832bf2f43e309
da507cb43efb25218915ab5a1966c76f129486eb
fd4095a2c9f7d2dd5643162eb81a3517534f90ece26a67983e69d10b123017e0

HTTP Headers

GET /wp-content/themes/claudiotheme/assets/bandeiras/mercado-pago.png HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
content-type: image/png
last-modified: Thu, 01 Sep 2022 19:56:39 GMT
etag: "8e15-63110e77-9a99fab2201abdaa;;;"
accept-ranges: bytes
content-length: 36373
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5550
Expires: Sun, 18 Sep 2022 18:00:22 GMT
Date: Sun, 18 Sep 2022 16:27:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5550
Expires: Sun, 18 Sep 2022 18:00:22 GMT
Date: Sun, 18 Sep 2022 16:27:52 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11919 bytes)
Hash
f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 38327
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10554 bytes)
Hash
7334a6bdb209350f41e4640960c9ce2a
0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BLfMTudduK95E9WeV9h987RYPa2RjQTtcl6jkjAZxgSWmCfUTnxU4A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:43:11 GMT
age: 67481
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5448 bytes)
Hash
c9a9211e94d6aa2429e9663ef317707e
ac0d1af96508d026f9a1252d358660bd5671f9bd
36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JKenU-KwXFVEu-tZnc_yoDis5Lt-2tY0RcjH7ZT592hqp0tIUF25Lg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:01 GMT
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
content-type: image/jpeg
age: 67131
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6869 bytes)
Hash
51d067e534c477ce996b3e806f6a132e
451c1f67948e45909e636828e3d2a3099de922f0
e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6869
x-amzn-requestid: e4e424a6-6c79-405b-8d1b-d40749ae3f0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5yLHi8oAMFpXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cda-22f6dae17ded045177976eaf;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:32:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eSPLuSCIr6IOor8bQh1STKcy6i_bS6nPhndKrN_g7IrXl6U43TogYw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:29:35 GMT
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
content-type: image/jpeg
age: 64697
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5827 bytes)
Hash
29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 33097
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5133 bytes)
Hash
56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mDe4BYbMkqkO3wq6onH6c_YOfWn32Z4L9t-QW_5mwez4bcrVkrQBuw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:38:13 GMT
age: 31779
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf

82.180.135.221

404 Not Found

0 B

URL HTTP/2
claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
IP
82.180.135.221:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf HTTP/1.1
Host: claudiodauelsberg.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://claudiodauelsberg.com.br/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations