Overview

URL claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
IP82.180.135.221
ASN
Location Germany
Report completed2022-09-18 16:28:01 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-18 2 claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/co (...) Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.css?ver=00002 Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-includes/css/dist/block-library/style.min.css?v (...) Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/plugins/woocommerce/packages/woocommerc (...) Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/plugins/woocommerce/packages/woocommerc (...) Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/css/woocomme (...) Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/plugins/woocommerce-mercadopago/assets/ (...) Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/themes/claudiotheme/dist/main.js Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/jquery-bl (...) Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/ (...) Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/plugins/woocommerce/assets/js/frontend/ (...) Phishing
2022-09-18 2 claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/co (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (10)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-18 12:39:06 UTC 143.204.55.27
mnemonic passive DNS claudiodauelsberg.com.br (18) 0 2015-09-09 01:02:02 UTC 2022-09-18 15:26:37 UTC 82.180.135.221 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-18 06:05:26 UTC 52.39.57.61
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-18 12:17:51 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-18 05:00:37 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-18 06:05:25 UTC 143.204.55.110
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-18 04:48:15 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-18 11:46:24 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (1) 175 2017-06-14 07:23:31 UTC 2022-09-18 04:51:37 UTC 142.250.74.3
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-18 04:20:51 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 82.180.135.221

Date UQ / IDS / BL URL IP
2022-09-18 16:28:01 +0000
0 - 0 - 13 claudiodauelsberg.com.br/wp-content/plugins/f (...) 82.180.135.221

Last 5 reports on ASN:

Date UQ / IDS / BL URL IP
2022-12-03 08:51:19 +0000
0 - 0 - 5 specialdatingpartner.life/?u=exmkte4&o=7md8kn (...) 194.87.208.65
2022-12-03 08:47:29 +0000
0 - 0 - 19 blue-port.jp/ 160.251.150.198
2022-12-03 08:47:10 +0000
0 - 0 - 105 lite-1x36781678.top/ar 178.253.14.166
2022-12-03 08:44:46 +0000
0 - 0 - 2 avergastumes.com/1670056693/imagenes/_persona (...) 47.87.139.183
2022-12-03 08:00:25 +0000
0 - 0 - 1 i.hhrspb7.top/n/tui/package/screensaver/v1.1. (...) 211.93.212.200

Last 1 reports on domain: claudiodauelsberg.com.br

Date UQ / IDS / BL URL IP
2022-09-18 16:28:01 +0000
0 - 0 - 13 claudiodauelsberg.com.br/wp-content/plugins/f (...) 82.180.135.221

No other reports with similar screenshot



JavaScript

Executed Scripts (10)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (35)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 16:12:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fkahYby3HPHDe-hFBOyLKuG4Dd-eqHhHAJxsa1VL0g0GkXv8vwop-Q==
Age: 931


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7778
Expires: Sun, 18 Sep 2022 18:37:28 GMT
Date: Sun, 18 Sep 2022 16:27:50 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: he3C1msrGF3MI_soZ4L-00kIH1xpJptx7XlrikKluyLbiryzznvcHg==
age: 46627
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         82.180.135.221
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Sun, 18 Sep 2022 16:27:50 GMT
server: LiteSpeed
location: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
platform: hostinger
content-security-policy: upgrade-insecure-requests


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 16:27:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 16:03:22 GMT
Expires: Sun, 18 Sep 2022 16:05:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rQuW6iTVT6E5NPKHbppn_QtIuu0sDWlpPiFGS7p3V_xX3XAPt6eFdg==
Age: 1469


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3028
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 16:27:51 GMT
Last-Modified: Sun, 18 Sep 2022 15:37:23 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 25IKsk7YyFYzZ3Vy/vBRWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.39.57.61
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lAG2of4ZS4iwZ+8v3wduMVQvO/s=

                                        
                                            GET /wp-content/themes/claudiotheme/assets/fonts/stylesheet.css HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Thu, 01 Sep 2022 19:56:49 GMT
etag: "2ff-63110e81-4fdada2605147108;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 170
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   170
Md5:    2e9a189a3d37a448e0724a15f0d903d1
Sha1:   a2bcbbd3dc7dc5bb25866eec774896122403e303
Sha256: 01bd7714317b0f2c7038b861e5f535c0e132068764bd0c4f49e1c706a79d602b
                                        
                                            GET /wp-content/themes/claudiotheme/dist/main.css?ver=00002 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Thu, 01 Sep 2022 19:56:55 GMT
etag: "570a-63110e87-efe550c674b9f6af;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4197
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22281)
Size:   4197
Md5:    2b0ba854587f09a2329d1275bd42bf05
Sha1:   0d24aca9e3f2a1513931053e8cc7d24f871b545f
Sha256: 469a4ed9d7414941fad64ccdcaee805d8c6637a4272f7b4bcc80a9a46f7d6ef7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 22:02:02 GMT
etag: "15b64-63069fda-838ddbc726d4b0cd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10703
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   10703
Md5:    3314a848319230ac733421112382eec5
Sha1:   98a167f06a0aa192b28891f8abbb13045a59cb93
Sha256: 491c2c2340db0cace5815f2434013e7fecb5bd9b1d9a721811603d7aaa485fbd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 20:34:39 GMT
etag: "1345-63068b5f-41b9862952ab45e9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1106
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4933), with no line terminators
Size:   1106
Md5:    8227d1018451f5f2b5d556517e3a9c1c
Sha1:   c7d4c64a5aba47ac3a2445b5590efd664dbc381c
Sha256: b6b0b48882efd9ff0a0364874578c4c1d507b6189cca80985b698239a924c663

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 20:34:44 GMT
etag: "33162-63068b64-a5ffa0d633871092;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19962
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size:   19962
Md5:    6d8725a48535346f243e5c857b5bd771
Sha1:   3323c0b3f634b0c343da931f533239939d762d06
Sha256: 30fa8623d5e447c1abd541f4577de0b4d9c1a6367433f6297a229eec818bd4e2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.5.0 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 20:20:10 GMT
etag: "4591-630687fa-cc232619ae256764;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2323
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17809), with no line terminators
Size:   2323
Md5:    8bf01dd7b03621146c2555c34f687ac0
Sha1:   0f0b791d93fd20bf53248e8dc47ec8017767b26c
Sha256: 240a3bf4047194a33f1680f6db5bdbe53ce230fefc2613c603b4d9362432ced2
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.0 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 20:19:51 GMT
etag: "f523-630687e7-237b7056857637d6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8306
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Size:   8306
Md5:    5a6308aa940200bf5a1a89794c547b67
Sha1:   e2023afb87b892b514e902cbe66200afe5149454
Sha256: 9b965a1bb5129d0905b2b72cef2fb050de879c8aa1e3a417ba8bcd8721d3879c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=5.7.6 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 20:14:24 GMT
etag: "2ff-630686a0-3fb223dceffe18f2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 317
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (767), with no line terminators
Size:   317
Md5:    f534738800e8035e845ad0b66315d0dc
Sha1:   edae8988ac68ecb38d815112cc7488917298b7a4
Sha256: f128acc34a99e615497f7613c21e09dd5ed5b9dd8fb7fd2c525ac99b9b649dc5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 16:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Lato&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 16:27:52 GMT
date: Sun, 18 Sep 2022 16:27:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 21:59:58 GMT
etag: "15db1-63069f5e-4a7ff1bfbf64bca7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30027
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30027
Md5:    63373db5c13254717674a1af4cd88aa2
Sha1:   21a1962ab8597d9066640a7157a41370341ff0cf
Sha256: d883f77be0299ddb715175908b03076554287b13f87570369fb58adeade16891

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 22:00:00 GMT
etag: "2bd8-63069f60-e64fca440f7639fb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3984
Md5:    4116c2be947ecf205a0c7fc117ca55f0
Sha1:   0cd8efc9fe349d67a86b49d1e5582a9b21d05add
Sha256: 6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c
                                        
                                            GET /wp-content/themes/claudiotheme/dist/main.js HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Thu, 01 Sep 2022 19:56:56 GMT
etag: "19909-63110e88-dcacd940046d61d1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 39315
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65474)
Size:   39315
Md5:    4c23e300403676ca79b9c56516b67fe7
Sha1:   62e93a9744c829f4a8b0711cb363ad69e11c9901
Sha256: 4a8993ca15e2c7b4bfb9f166990804e979230f4045b1a0b077661c141318bd3e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.0 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 20:36:25 GMT
etag: "253d-63068bc9-6a0c1f08801150a8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3242
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9139)
Size:   3242
Md5:    2334040ad30a3a3cc5055ad8643b2e10
Sha1:   6a6ff9799ad8cac3502e2189a02ed74ca02ff4a3
Sha256: 08acb85d899a61171f9c6721e41ed8022d7aa4f6cc1aab9c7c39fe55cdd18960

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.0 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 20:37:35 GMT
etag: "72a-63068c0f-2061e9bedc84ad86;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1668)
Size:   899
Md5:    22d65ba38528349e705d912ce26bf8ac
Sha1:   c89ba006009043d93b88ff155b4fec8797330550
Sha256: 6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.0 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 20:36:28 GMT
etag: "85b-63068bcc-a996a597cee2ffea;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2139), with no line terminators
Size:   677
Md5:    a43fc0dde8fdd69656ad0957e62849c7
Sha1:   4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
Sha256: 1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.0 HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Wed, 24 Aug 2022 20:36:35 GMT
etag: "b7a-63068bd3-2565b0ec50ab1fec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 935
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2938), with no line terminators
Size:   935
Md5:    ff0db23445ccd7328c7f10de152fb16b
Sha1:   ff94beb84c601febafb3b51e4f054f920ffb75fc
Sha256: 91034f25ae6d0e9f62eb1407e288f5b37140ad5ce9cd0d1d77d79e63d45882e3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/claudiotheme/assets/bandeiras/mercado-pago.png HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claudiodauelsberg.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.180.135.221
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 16:27:51 GMT
last-modified: Thu, 01 Sep 2022 19:56:39 GMT
etag: "8e15-63110e77-9a99fab2201abdaa;;;"
accept-ranges: bytes
content-length: 36373
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 376 x 119, 8-bit/color RGBA, non-interlaced\012- data
Size:   36373
Md5:    f24426077571f222e53832bf2f43e309
Sha1:   da507cb43efb25218915ab5a1966c76f129486eb
Sha256: fd4095a2c9f7d2dd5643162eb81a3517534f90ece26a67983e69d10b123017e0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5550
Expires: Sun, 18 Sep 2022 18:00:22 GMT
Date: Sun, 18 Sep 2022 16:27:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5550
Expires: Sun, 18 Sep 2022 18:00:22 GMT
Date: Sun, 18 Sep 2022 16:27:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 38327
etag: "786c333cf08456aea446a55c547520572e1c2df9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11919
Md5:    f003d8b6e12692fb16dddd6827deead8
Sha1:   786c333cf08456aea446a55c547520572e1c2df9
Sha256: d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BLfMTudduK95E9WeV9h987RYPa2RjQTtcl6jkjAZxgSWmCfUTnxU4A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:43:11 GMT
age: 67481
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10554
Md5:    7334a6bdb209350f41e4640960c9ce2a
Sha1:   0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
Sha256: bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JKenU-KwXFVEu-tZnc_yoDis5Lt-2tY0RcjH7ZT592hqp0tIUF25Lg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:01 GMT
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
age: 67131
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5448
Md5:    c9a9211e94d6aa2429e9663ef317707e
Sha1:   ac0d1af96508d026f9a1252d358660bd5671f9bd
Sha256: 36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6869
x-amzn-requestid: e4e424a6-6c79-405b-8d1b-d40749ae3f0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5yLHi8oAMFpXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cda-22f6dae17ded045177976eaf;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:32:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eSPLuSCIr6IOor8bQh1STKcy6i_bS6nPhndKrN_g7IrXl6U43TogYw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:29:35 GMT
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
age: 64697
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6869
Md5:    51d067e534c477ce996b3e806f6a132e
Sha1:   451c1f67948e45909e636828e3d2a3099de922f0
Sha256: e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 33097
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5827
Md5:    29f4a52fb629dce4ef8038d4df7ea58a
Sha1:   4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
Sha256: 32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mDe4BYbMkqkO3wq6onH6c_YOfWn32Z4L9t-QW_5mwez4bcrVkrQBuw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:38:13 GMT
age: 31779
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5133
Md5:    56ade9172e883c777dd974ca879bceba
Sha1:   b2aaf019e083443a6404c262206ee2e981d3165c
Sha256: c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
                                        
                                            GET /wp-content/plugins/formcraft/file-upload/server/content/files/1607a9d7f712cc---30182819325.pdf HTTP/1.1 
Host: claudiodauelsberg.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         82.180.135.221
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://claudiodauelsberg.com.br/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 16:27:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing