Report - www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf

Report Overview

Submitted URL
www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=
IP
192.185.223.116
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-09-24 00:36:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
www.alaskausa.org	258465	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	75 kB	107.162.171.161
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.164.68.15
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	108.156.28.95
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.9 kB	93.184.220.29
www.primegestaoempresarial.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	48 kB	192.185.223.116
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.228.207.167

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-24	medium	www.primegestaoempresarial.com/enroll/ScriptLib/md5.js	Phishing
2022-09-24	medium	www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js	Phishing
2022-09-24	medium	www.primegestaoempresarial.com/trade/alaska/alaskausa/Scripts/jquery-1.10.2.js	Phishing
2022-09-24	medium	www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/AriaLib.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	www.alaskausa.org/angelfish.js	19 kB	2023-03-07	2023-03-17
Pretty URL www.alaskausa.org/angelfish.js IP 107.162.171.161 ASN #55002 DEFENSE-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:46 Last Seen2023-03-17 12:55:46 Times Seen1 Hash b0a1bc8773108329b67fd17980a825cd dc47758e448d6cd8c07603215b8f24f2ec802ef6 52f59eb7078a1825870963d57bb6e1caa4e025bd4d991c2256433965534d30ea Loading...

	www.alaskausa.org/js/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-18
Pretty URL www.alaskausa.org/js/jquery-1.11.3.min.js IP 107.162.171.161 ASN #55002 DEFENSE-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-18 21:06:38 Times Seen10280 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

HTTP Transactions (35)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6965
Expires: Sat, 24 Sep 2022 02:32:15 GMT
Date: Sat, 24 Sep 2022 00:36:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

18.164.68.15

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.164.68.15:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 00:05:20 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 35f1076ba1ff613e428e9cf6a2f57580.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: JsHESwLF41GUoSW7zL5IEKycibjI5eMRrCFp07DOKdzf7LDREEbTpg==
Age: 1850

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

108.156.28.95

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
108.156.28.95:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 ce738519b722f3350531751d4205f8f4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: yqQn1iz-2EuHY0qjxRO5yLIrZQ6dxRyOVSBkbW5uv3uMpvW_bbrsqA==
age: 73388
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 00:36:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.164.68.15

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.164.68.15:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 00:33:00 GMT
Expires: Sat, 24 Sep 2022 01:33:00 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 46b5aeb0e7bcc8895e9b923ffd4a3896.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: dIRyF08yNNpnuPnCkBwDy0odN4Fk64WtFSexg7_wrgqV37XRPZwpHw==
Age: 190

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 00:36:10 GMT
Last-Modified: Fri, 23 Sep 2022 23:57:58 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

192.185.223.116

200 OK

43 kB

URL HTTP/1.1
www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (38668)
Size
43 kB (43280 bytes)
Hash
e457a879039020204071cf37f756ca50
1514168c1b083788c95cd0012c6a3d877c8c6af8
6795c882dc04c286d0d6f52e401774c7ffa684672ac26cefd16890da98d5df81

HTTP Headers

GET /trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm= HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 00:36:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=7200
Expires: Sat, 24 Sep 2022 02:36:10 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Accept-Ranges: none
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

44.228.207.167

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.207.167:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z64sPC32eYe1LeWTcd7TuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3e31VTYV9F3oewLOc6dS/3r+kic=

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
83e36beadf427ffc0bab19a2033a99d7
eb221678a87b925ac01d8f897d17df5fc18e3251
c19f433c431fbe31062485dc9ae71478ed4b759b07f10f08b8dc4504f24abb39

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 00:36:11 GMT
Last-Modified: Fri, 23 Sep 2022 22:51:19 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
83e36beadf427ffc0bab19a2033a99d7
eb221678a87b925ac01d8f897d17df5fc18e3251
c19f433c431fbe31062485dc9ae71478ed4b759b07f10f08b8dc4504f24abb39

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 00:36:11 GMT
Last-Modified: Fri, 23 Sep 2022 22:51:19 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
83e36beadf427ffc0bab19a2033a99d7
eb221678a87b925ac01d8f897d17df5fc18e3251
c19f433c431fbe31062485dc9ae71478ed4b759b07f10f08b8dc4504f24abb39

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 00:36:11 GMT
Server: ECS (amb/6B93)
Content-Length: 471

www.alaskausa.org/angelfish.js

107.162.171.161

200 OK

8.7 kB

URL HTTP/1.1
www.alaskausa.org/angelfish.js
IP
107.162.171.161:0
ASN
#55002 DEFENSE-NET

File type
ASCII text, with very long lines (826)
Size
8.7 kB (8704 bytes)
Hash
23acb6d2cd2e079bfe986f0761b957d5
bb1cf7660324be47645c3e239b6fa51faa7421ea
ad8da576b2060355b1ed4f753cb2a19ee37bba690f9fff2442a2654e55f235eb

HTTP Headers

GET /angelfish.js HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 20:52:57 GMT
Accept-Ranges: bytes
ETag: "1bab654bc5ced81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 24 Sep 2022 00:36:09 GMT
Content-Length: 8704
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: Keep-Alive

www.alaskausa.org/css/akusa-express.css

107.162.171.161

200 OK

4.6 kB

URL HTTP/1.1
www.alaskausa.org/css/akusa-express.css
IP
107.162.171.161:0
ASN
#55002 DEFENSE-NET

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
4.6 kB (4644 bytes)
Hash
825350f09acb37cf5ec0cac6016f5c8d
253d99cb60408d7f60734dcaf60abe848b4281c9
4afa21fd07b5e1574b4637b41e29ae2e93176e941d172c1476ca7fa947f7834e

HTTP Headers

GET /css/akusa-express.css HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 22 Sep 2022 20:53:08 GMT
Accept-Ranges: bytes
ETag: "7fa6ba51c5ced81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 24 Sep 2022 00:36:13 GMT
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

www.alaskausa.org/js/jsSuite-1.8.js

107.162.171.161

302 Object moved

296 B

URL HTTP/1.1
www.alaskausa.org/js/jsSuite-1.8.js
IP
107.162.171.161:0
ASN
#55002 DEFENSE-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
296 B (296 bytes)
Hash
33dc966734cea833f261863e35b1f2f3
b1c3e2ea6431645131178005d1eb1677c40cf4e5
21ec73760050529f53f914ef8194651a4c2de4411e4bc36be410947bd3a26dbc

HTTP Headers

GET /js/jsSuite-1.8.js HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Object moved
Cache-Control: private
Content-Type: text/html
Location: /pageUnavailable.asp?status=missing
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 24 Sep 2022 00:36:13 GMT
Via: 1.1 dca1-bit12005
Set-Cookie: ASPSESSIONIDCUADSTQS=BIOKFJICJIDLHCNEBLCJBECP; secure; path=/
TS01682a2f=01ae8fb027664f5337797a838a2da9e0e1736b1bd1fdfc477c3c5e131dbbe5a06325bbce6420cb431024419753ddc162545897c1a97cd385cda8bf185ec94a91583ab23d80; Path=/; Secure; HTTPOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

www.alaskausa.org/js/jquery-1.11.3.min.js

107.162.171.161

200 OK

46 kB

URL HTTP/1.1
www.alaskausa.org/js/jquery-1.11.3.min.js
IP
107.162.171.161:0
ASN
#55002 DEFENSE-NET

File type
ASCII text, with very long lines (32038)
Size
46 kB (45711 bytes)
Hash
cf54b56dbd2adb27eb44fe6defb747e6
78e81335c5c317f9d56877d2f011a74a50910dd8
9256346dc8067ab6665a68fe1590b676d13f8ecd353fa2676ec372a2f3338a94

HTTP Headers

GET /js/jquery-1.11.3.min.js HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 20:54:20 GMT
Accept-Ranges: bytes
ETag: "6a76a7dc5ced81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 24 Sep 2022 00:36:09 GMT
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Sat, 24 Sep 2022 01:14:09 GMT
Date: Sat, 24 Sep 2022 00:36:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Sat, 24 Sep 2022 01:14:09 GMT
Date: Sat, 24 Sep 2022 00:36:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Sat, 24 Sep 2022 01:14:09 GMT
Date: Sat, 24 Sep 2022 00:36:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Sat, 24 Sep 2022 01:14:09 GMT
Date: Sat, 24 Sep 2022 00:36:12 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c80a02c-1515-49a8-8ea9-716d3094dcfa.jpeg

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c80a02c-1515-49a8-8ea9-716d3094dcfa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6510 bytes)
Hash
146cb832dec96067e5e003b2f7617941
b0697adfd0fab611ba6afae2218645977846c341
e3ebac2261c6243caf678babe5350ae70da1e24fd7a0bbfdb449fd2b933eb237

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c80a02c-1515-49a8-8ea9-716d3094dcfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6510
x-amzn-requestid: 1d584980-5495-4925-b420-ef8b5a5e30e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7ruGGusoAMFe6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e265a-370b00862dfed1606ac36797;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:34:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UKUo6081ZsJZLGVpaTA4z6S2fAciJj7IW4RtS7Kl2CiAZjhljs8-ig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:18:53 GMT
age: 8239
etag: "b0697adfd0fab611ba6afae2218645977846c341"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbab0d089-95bd-4651-a13f-3229c2063991.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11724 bytes)
Hash
ef747f1f9a0ba61710d9241ce96b24b8
76ade0c3c0ba623c924212fb0942689339749e27
78c53067a0766d4be7b1428f5d668a47bcba5d4bce1682aa7a31ebf355eaffc8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbab0d089-95bd-4651-a13f-3229c2063991.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11724
x-amzn-requestid: 4a6a75b9-e171-4b1f-acb2-3579514cdb90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5t3jEiFIAMFYzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5cfc-6c724fa704ad6fe4020f14ee;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:15:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZHPuyMjGdAV2sRyfjiQ8KRC1VIngRIteN6e-1Gl3cO5HTKgqF_8ZCA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 07:17:03 GMT
age: 62349
etag: "76ade0c3c0ba623c924212fb0942689339749e27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175a85c3-10d3-4e8f-bb64-d8da75a938c4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6294 bytes)
Hash
007aba90cc24589b974c6039372121d3
c308f846b81275e50122f99a229ae3fec0b5fe4c
dac4561f24f52c33e79e86b0794eab704866a879d6967ec120fdf7bc5a4e2d8c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175a85c3-10d3-4e8f-bb64-d8da75a938c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6294
x-amzn-requestid: 4007bdf7-f31a-414b-8711-f319aa09692b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7ruHG-loAMF-QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e265a-18dc206b23fe3e383c1eb9cc;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:34:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C-XyRAhMGXUgsUrSD0ecJs-6vZMpE5pLjNShVhWYuyNOlehUMFmwmw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 10103
etag: "c308f846b81275e50122f99a229ae3fec0b5fe4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4829 bytes)
Hash
3f93f322ecd0244e7ee4169b200b50df
8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3
2bb739a60a4581e554fb308be7df8b3d7f47e95051e5ef5e0d1d9ed0a0443b68

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4829
x-amzn-requestid: c283df3f-4198-47dd-9b24-634c425bccd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2aA_HgFoAMF_tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0a06-3881d661368a03ae48227b37;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:08:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NX_aUnmznw69dQzAWyvuo9umcrue7WRWVKjpYbWLfUbyqlBa1szcig==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 07:40:18 GMT
age: 60954
etag: "8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0e74a-9715-4779-b8bd-d79486ea0663.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6888 bytes)
Hash
5f71b1368e471f98a48563bd55548cf8
18db64cc911a98afa49bec290658844a54bca927
c1b20952496d33635f8994558227bda8ddd268419f84123a167aade99c0ba56d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0e74a-9715-4779-b8bd-d79486ea0663.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6888
x-amzn-requestid: 3b91e2f8-7085-4598-8e10-ca4a5ee87571
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tAXFbmIAMFVQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2868-3eb36435766137c86cbd1781;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BJGN5qtK0qcjOrFuNgBmX5i_IVqEGqyiAqT4D7UxA71P801V16Kzxw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:45 GMT
age: 9867
etag: "18db64cc911a98afa49bec290658844a54bca927"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14579 bytes)
Hash
f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:05:15 GMT
age: 9057
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.alaskausa.org/pageUnavailable.asp?status=missing

107.162.171.161

200

13 kB

URL HTTP/1.1
www.alaskausa.org/pageUnavailable.asp?status=missing
IP
107.162.171.161:0
ASN
#55002 DEFENSE-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (675), with CRLF, LF line terminators
Size
13 kB (13041 bytes)
Hash
7aeeabaef4676edc9732113bc19c70b6
854a0f4bddc8b38d68b4da04314a9ad9b1788df6
79c9577dd22d0524f9cad9925ef6f60d89c0b34337b7e2e2a56f5e158cd1f91c

HTTP Headers

GET /pageUnavailable.asp?status=missing HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Cache-Control: private
Content-Type: text/html
Set-Cookie: ss=c; expires=Mon, 24-Oct-2022 00:36:10 GMT; path=/
lst=991453567; expires=Sat, 24-Sep-2022 00:51:10 GMT; domain=.alaskausa.org; path=/; secure
ASPSESSIONIDQGSDBBRA=MEMOEGGCJBNBBCMMILBHFLPA; secure; path=/; HttpOnly
TS01682a2f=01ae8fb0278498bbd0e3cfdb4096f7d53e20a9fdaae6d82f96c0265bc0c9db59eeb640307d0ee0644d015a337c83abd7c195cae77270358e9ea85df12e2aa6e8ca207d398e0fc44905f12f7a5e65637119f86b3d78; Path=/; Secure; HTTPOnly
TS013395ac=01ae8fb0272d5387297e26a84be4f056f6fe922dfee6d82f96c0265bc0c9db59eeb640307d57461f70267fed82cd0616cbabf9336280574ece9a62f5fdd3291f7d429d3805; path=/; domain=.alaskausa.org; HTTPonly; Secure
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 24 Sep 2022 00:36:10 GMT
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

www.primegestaoempresarial.com/enroll/ScriptLib/md5.js

192.185.223.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.primegestaoempresarial.com/enroll/ScriptLib/md5.js
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /enroll/ScriptLib/md5.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 00:36:11 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/enroll/ScriptLib/md5.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a

192.185.223.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 00:36:11 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44

192.185.223.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44 HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 00:36:11 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a

192.185.223.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 00:36:11 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js

192.185.223.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 00:36:10 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

www.primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621

192.185.223.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 00:36:11 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

www.primegestaoempresarial.com/trade/alaska/alaskausa/Scripts/jquery-1.10.2.js

192.185.223.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.primegestaoempresarial.com/trade/alaska/alaskausa/Scripts/jquery-1.10.2.js
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /trade/alaska/alaskausa/Scripts/jquery-1.10.2.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 00:36:15 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/Scripts/jquery-1.10.2.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/AriaLib.js

192.185.223.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/AriaLib.js
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /trade/alaska/alaskausa/ScriptLib/AriaLib.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 00:36:14 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/AriaLib.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css

192.185.223.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
IP
192.185.223.116:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?eue=jlozf_tdcdgv&ad=&idbkwgm=

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 00:36:15 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (35)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size