Report - g2gesso.com.br/cc/auth.php

Report Overview

Submitted URL
g2gesso.com.br/cc/auth.php
IP
162.214.69.46
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-03-20 08:19:44
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-26T05:15:01Z	686 B	445 B	216.239.34.36
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2.7 kB	7.1 kB	23.36.77.32
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-26T05:35:01Z	384 B	62 kB	142.250.74.40
g2gesso.com.br	unknown	2017-02-01T20:20:48Z	2023-03-20T08:53:27Z	11 kB	3.2 MB	162.214.69.46
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	35.164.248.86
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	62 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	1.0 kB	2.1 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-25T22:19:37Z	6.0 kB	284 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-26T06:13:06Z	1.2 kB	21 kB	142.250.74.78

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-20	medium	g2gesso.com.br/cc/auth.php	Phishing
2023-03-20	medium	g2gesso.com.br/cc/auth.php	Phishing
2023-03-20	medium	g2gesso.com.br/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1678343156	Phishing
2023-03-20	medium	g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-bc1d3cae.min.js	Phishing
2023-03-20	medium	g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-55391668.min.js	Phishing
2023-03-20	medium	g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff	Phishing
2023-03-20	medium	g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	g2gesso.com.br/cc/auth.php	739 B	2023-03-07	2024-04-26
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-26 17:01:32 Times Seen4220 Hash ff682bd8e00a4c2b202a4d37f7ba3cdd 4b92aa9fb8a9cf79c352ece5cba00b2f281de332 d1576e7c5bb5b36cc04888b220fb672165073615b2423b76b51074334d616555 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 00:47:08 Times Seen37106607 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	g2gesso.com.br/cc/auth.php	493 B	2023-03-07	2024-04-26
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-26 14:22:53 Times Seen4279 Hash f73f3cc147a181d5955eaba113c1c122 07a5ef5a63d37a99d17986786d75bdcb3cda6409 5aab3a40376dc0dffe15b2882b50d298e6c877683a4f25ddfcf77fbd16d47b56 Loading...

	g2gesso.com.br/cc/auth.php	2.8 kB	2023-03-26	2023-03-26
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:29:43 Last Seen2023-03-26 11:29:43 Times Seen1 Hash 9475dbd0fb22b380bd49301d820073e3 04a65b9719b397cc3909bf46b514a8b2f3ec43e5 0882ae785bc6a3ef37de5d5159428401081f20cafc9c3ce36a76efb9df215ead Loading...

	g2gesso.com.br/cc/auth.php	332 B	2023-03-07	2024-04-27
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-27 00:37:31 Times Seen9167 Hash 7d495bb1d6c246a2d57df3ab9332a3cc 6367d4f8addf48f2af1023b8176a2263bb424d01 df09a4f39d495e901a5479fce56c8ddec4f8a6acda1b3ceab7adc704fa439e32 Loading...

	g2gesso.com.br/cc/auth.php	532 B	2023-03-07	2023-03-26
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:45 Last Seen2023-03-26 12:04:26 Times Seen3 Hash f6585e7a8e3d76b42ac7631795a68cb3 f4d0da0ef6bd3e7a03724173a04a7cde08590ad4 0d4dba63d5a63913e4c0ffcf552b9eda68169e8dae86ef67585d70a82c88e982 Loading...

	www.googletagmanager.com/gtag/js?id=G-9P6QK3CBCC&l=dataLayer&cx=c	247 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-9P6QK3CBCC&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:29:43 Last Seen2023-03-26 11:29:43 Times Seen1 Hash 97e0f2690071c4f05d6b15d3c809d58e b4efaf3eadf3c4e30278c130fef5f98aa1854eb9 56912c9f36b4ae5f45b1f4cc977db109c5724c6b514562ce28f15d393e3e0aa3 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	g2gesso.com.br/cc/auth.php	180 B	2023-03-07	2024-04-24
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-24 22:40:37 Times Seen3182 Hash 623d6f59f2a5b2ba62b39858ccdd3989 6a97f16eb9c49657c50eb392d761380915ffd423 dd2c61ba8e6b506df9729d254d5c12b3c0f9de99bb7e5dba5f7e58c15d729f89 Loading...

	g2gesso.com.br/cc/auth.php	1.9 kB	2023-03-07	2023-03-26
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:45 Last Seen2023-03-26 12:04:25 Times Seen3 Hash ccd3e10ab547781f5763069e04f2c1d9 43ac187c226414efd5737f31b7eb61cc6270f626 c8fe7a375d900001f3850013acd10e80db655eba632e181fd4f62f1d1553f4ba Loading...

	g2gesso.com.br/cc/auth.php	299 B	2023-03-26	2023-03-26
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:29:43 Last Seen2023-03-26 12:04:26 Times Seen2 Hash b8128ea56cbba8d9bc065b9c323ef0e2 4a18e2d65dae8043e446921b7b093e3e0b64ee33 463c74670c115b2ad34cf2fc2dad00f9d7ef3b312de2949db33c1c75614c5198 Loading...

	g2gesso.com.br/cc/auth.php	2.3 kB	2023-03-07	2024-04-27
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:07 Last Seen2024-04-27 00:37:31 Times Seen7947 Hash f0bef95e258d5b84f82c5d4e29252176 eac5936c555c039bc38816d0916e13c0b364d797 a6c3ffec54ef5f2ca033b1fcdf84e1feac93437a3d8d4439667e9276ca2a9836 Loading...

	g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-55391668.min.js	128 kB	2023-03-12	2023-03-26
Pretty URL g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-55391668.min.js IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:12:12 Last Seen2023-03-26 12:04:26 Times Seen4 Hash 62e011ea046dcc2ef2be6e748c8c5b5b 0589a4ba2ae4a4451cdc6eae2f0aa5e8c9a24366 a5e0ac152323bf1bf0cb56f0b4b896a0ce2f83c29f0cd9c001a4f260825e0a5d Loading...

	g2gesso.com.br/cc/auth.php	1.9 kB	2023-03-07	2023-03-26
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:45 Last Seen2023-03-26 12:04:26 Times Seen3 Hash bcb3013d4bd15bbc7ffb5ccc8d826779 ca0a987486fd5c92db4aa8fb2826f13054fafe38 f00cab470a0e1880e83c896edeb8b621734f49ad60b63f845627d639b20e5bf5 Loading...

	g2gesso.com.br/cc/auth.php	47 B	2023-03-07	2024-04-26
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-26 23:47:14 Times Seen6639 Hash 2f518cfc8223c53c44094f57eacc972f a919f586352875054a0a7f438c3e3d33cb5768b3 1d89df5c4aeb93c45e67d479e74ca02e5a104d7e421e4f2415e4a204c9816b0b Loading...

	www.googletagmanager.com/gtag/js?id=UA-198107375-1	167 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-198107375-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:29:43 Last Seen2023-03-26 11:29:43 Times Seen1 Hash 814d578bc858dd681e4ddf5deb864e2d 8e9f398ade4d57c84af00cefa311ad8b27ddb4b2 863f19d99690a9bddf0bafdc21834794c55300814af1e45b7577c247f9bc6ce3 Loading...

	g2gesso.com.br/cc/auth.php	446 B	2023-03-07	2023-03-26
Pretty URL g2gesso.com.br/cc/auth.php IP 162.214.69.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:45 Last Seen2023-03-26 12:04:26 Times Seen3 Hash 61720f30b17508d1b07fb33bea5020fd f2481c6a36bcccd36c94717f4ee1140e3ac6a9a8 51a0d2d95325f191a66492b4d41e74435160af66b4845eaee48899468dfb67cf Loading...

HTTP Transactions (62)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
28774b36cf8bb6b054329393a33f6239
728313ddff6d5ceb6db3eb8445f039779616a140
08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7668
Expires: Mon, 20 Mar 2023 10:27:20 GMT
Date: Mon, 20 Mar 2023 08:19:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13417
Expires: Mon, 20 Mar 2023 12:03:09 GMT
Date: Mon, 20 Mar 2023 08:19:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eddc2a353d39e5ce5c30d7e90b3ed6a5
305e86e4b966344c135c50af9a6509ffd3a83e9e
bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14790
Expires: Mon, 20 Mar 2023 12:26:02 GMT
Date: Mon, 20 Mar 2023 08:19:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Mar 2023 08:14:53 GMT
content-type: application/json
age: 279
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uTk5iR6tfyGUlpHh8A+GSqFpCynBRuPA9H0/VJ+DiRuIg+WkEW+PWJn/azVewZb4P8qAovwg7hMTCOjJhTs94Q==
x-amz-request-id: DCQXK8EGX73M3ARK
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Mar 2023 07:58:37 GMT
age: 1255
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

g2gesso.com.br/cc/auth.php

162.214.69.46

301 Moved Permanently

242 B

URL HTTP/1.1
g2gesso.com.br/cc/auth.php
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
242 B (242 bytes)
Hash
127f1f7bbb97849e937a86f27891805f
9ae9533e3932cf8e14bede156aacf1a00a29fd75
4e6ae13f3177998771c0edee5b24ad5a1b24061d0532b14760c663c6535a5cfe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cc/auth.php HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 20 Mar 2023 08:19:32 GMT
Server: Apache
Location: https://g2gesso.com.br/cc/auth.php
Content-Length: 242
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 08:19:33 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 08:14:32 GMT
age: 301
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3462d41d9283fedf24f278089d5d1570
b8bcea77656f775cdc34620322cc616216ed2b95
55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6003
Expires: Mon, 20 Mar 2023 09:59:36 GMT
Date: Mon, 20 Mar 2023 08:19:33 GMT
Connection: keep-alive

push.services.mozilla.com/

35.164.248.86

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.248.86:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gHeBWJsH43d+Vlk+ZtAPlg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mMXjgChuDz6IKOFCtqfCKq1AbxA=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12931
Expires: Mon, 20 Mar 2023 11:55:06 GMT
Date: Mon, 20 Mar 2023 08:19:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12931
Expires: Mon, 20 Mar 2023 11:55:06 GMT
Date: Mon, 20 Mar 2023 08:19:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12931
Expires: Mon, 20 Mar 2023 11:55:06 GMT
Date: Mon, 20 Mar 2023 08:19:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12931
Expires: Mon, 20 Mar 2023 11:55:06 GMT
Date: Mon, 20 Mar 2023 08:19:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7695 bytes)
Hash
302595cc68fe8cf12121d0f652b3194d
e5532a3fed552246e8a63ea2ba75e174273a7b9f
6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 388_JExXl_vwNTUh_69QfjoGz-cNeQwwrp6kpAP1Hhv3VvtgeeXbrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:55:31 GMT
age: 37444
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9509282-2846-486c-aca4-fc2e2da04b09.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11394 bytes)
Hash
1100f09022852609077bf427f7ce49cd
352e2e60702ca76d7308bbbee83ef7c1413c5b0c
d1cf4a7974bb384cf13448a6aecc5f6bbd387e0eeb60d696df35acfd5231a46b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9509282-2846-486c-aca4-fc2e2da04b09.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11394
x-amzn-requestid: cda4fbe4-0b4e-4836-839a-54f4e40d61a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDVOEZ7oAMFZwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f54-17fbfda14a9a37e523ca5d54;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ZTTTWfKeikORTA2LNaw0Y53oUvqRI-WNFJ28Mu8NzVruBHPkB0VswA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:15:29 GMT
age: 36246
etag: "352e2e60702ca76d7308bbbee83ef7c1413c5b0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6d92bde-aeaf-4220-ab31-32d913cebcbf.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9844 bytes)
Hash
df9bad66ead39008462af08bda8ff3cb
816a0f35e0cf37329fa233a8fefe9a8addf04edc
f1bf32da41b171c73b741c247ddfbc91d2e82daba395fde6798de3a2571f3fc3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6d92bde-aeaf-4220-ab31-32d913cebcbf.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9844
x-amzn-requestid: 05aa623d-9c20-49ff-a68d-323d0dcf4d59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDEhgFXzoAMFvMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417813c-078768b7057ff73c29e5514b;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:40:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: AOhxtm5AelyUDMj3ZY3nYaHSJV2steyS9Yqi9CPpsos7lOelfxy6PA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:50:29 GMT
age: 37746
etag: "816a0f35e0cf37329fa233a8fefe9a8addf04edc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10338 bytes)
Hash
78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xfkObFQbeYQQjIJ4FWQ7xKbH5FPxBQ1vkTDCwWCM6IcAAu8H31BNhQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:04:48 GMT
age: 4487
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6839 bytes)
Hash
2dd89721d1aeaf671e76434c7d8a4ad7
a3dedec80d68e8f0326548d03b0e594ffc87ecd1
ff593609540ed01673c58483ce57a40cc712000d32427ccf2486fd0035728448

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6839
x-amzn-requestid: c478a5c6-cb9b-4324-be41-b79c32f99570
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDU6GKyoAMF6uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f52-180dc15d2627e08d3182a761;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QBgnZBxWku97O-CIkgmOTJe5g2DCZOozVhHj_0ViEP6w7hDeXPhmeg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:14:42 GMT
age: 36293
etag: "a3dedec80d68e8f0326548d03b0e594ffc87ecd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24e4aa78-0ee1-4b04-8fed-b9e18ef3dc8d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9798 bytes)
Hash
dea3a1324b960e401a08c2cb04727426
8c37df5978cf6391f65828c045ee849d581504d3
d7a35e850cc1d912c1308c279d918005919bcfc30087934beaafcc792ac36e0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24e4aa78-0ee1-4b04-8fed-b9e18ef3dc8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9798
x-amzn-requestid: cb50a348-357d-470c-934a-41da54b6ecbe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDEj0H5goAMF1-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417814b-61658765317b3e9c781d7347;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: emnHxZdaHLcn6gr4_OncYwPHDVryfhlzyBtxIzV38nNkysvy34nZHQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:21:35 GMT
age: 35880
etag: "8c37df5978cf6391f65828c045ee849d581504d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 08:19:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-198107375-1

142.250.74.40

200 OK

61 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-198107375-1
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3991)
Size
61 kB (61273 bytes)
Hash
d875a32dbec0955f261b059734b470a2
7252633e6ffe786cbf56d115b89e05814dc646db
cfcb8fa3031326848c1911aad25023b5c01d91118b0608709dd33b97fa74c51a

HTTP Headers

GET /gtag/js?id=UA-198107375-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 08:19:35 GMT
expires: Mon, 20 Mar 2023 08:19:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 61273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 08:19:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

g2gesso.com.br/cc/auth.php

162.214.69.46

404 Not Found

127 kB

URL HTTP/1.1
g2gesso.com.br/cc/auth.php
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26340)
Size
127 kB (127406 bytes)
Hash
59e93d72ac5eee703d201280535749dc
0ac33bebfedb1c9ca7d4bc390a59744d89f58890
9fce5bc1632e24b7e015e4cabdbda0dc722a063a9debef15f324e27a752b760f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cc/auth.php HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Date: Mon, 20 Mar 2023 08:19:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
WPO-Cache-Status: not cached
WPO-Cache-Message: The request extension is not suitable for caching
Link: <https://g2gesso.com.br/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

g2gesso.com.br/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1678343156

162.214.69.46

200 OK

7.9 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1678343156
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (7889), with no line terminators
Size
7.9 kB (7889 bytes)
Hash
f0e747ebf23a855d70993dd3b935e553
9e2b8c666fe183aaf2dc0b7e6e5b80c472236c14
56f955fe552cc90c384985389d4f02c5822c523daddd903d097533564fbd7cf8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1678343156 HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 09 Mar 2023 06:25:56 GMT
Accept-Ranges: bytes
Content-Length: 7889
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-bc1d3cae.min.js

162.214.69.46

200 OK

982 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-bc1d3cae.min.js
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (45047)
Size
982 kB (982412 bytes)
Hash
62fd5211e0f99948bceb9b2f9df75539
ef053203d03e490d53862fcd445940ef7f75aa99
a45ae94a6af18b9470a1e86ba7b2fd2b0ce3d0f234eb2b841d2a5abb1965583e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-bc1d3cae.min.js HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Sun, 19 Mar 2023 16:51:21 GMT
Accept-Ranges: bytes
Content-Length: 982412
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-55391668.min.js

162.214.69.46

200 OK

128 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-55391668.min.js
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65447)
Size
128 kB (128143 bytes)
Hash
62e011ea046dcc2ef2be6e748c8c5b5b
0589a4ba2ae4a4451cdc6eae2f0aa5e8c9a24366
a5e0ac152323bf1bf0cb56f0b4b896a0ce2f83c29f0cd9c001a4f260825e0a5d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-55391668.min.js HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Sun, 19 Mar 2023 16:43:21 GMT
Accept-Ranges: bytes
Content-Length: 128143
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css

162.214.69.46

200 OK

162 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
162 kB (161729 bytes)
Hash
31e6ffdc9494a995206726034566f09f
2248bad00b23ab85946ef3525a3557e30cd13b85
a13ea9fc2572c3b6be47c27845a1b9a47f2a92c04866e3bcaa8656bf7e538aa8

HTTP Headers

GET /wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Sun, 19 Mar 2023 16:51:20 GMT
Accept-Ranges: bytes
Content-Length: 161729
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-85a51719.min.css

162.214.69.46

200 OK

471 B

URL HTTP/1.1
g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-85a51719.min.css
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

GET /wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-85a51719.min.css HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Sun, 19 Mar 2023 16:43:22 GMT
Accept-Ranges: bytes
Content-Length: 146602
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

142.250.74.163

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22084, version 1.0\012- data
Size
22 kB (22084 bytes)
Hash
bab4daa6bec06781aa7262eca0be0ed4
b896fcea50433114a0433c9c8117677a875f1116
ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 13:49:51 GMT
expires: Thu, 14 Mar 2024 13:49:51 GMT
cache-control: public, max-age=31536000
age: 412186
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

142.250.74.163

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21516, version 1.0\012- data
Size
22 kB (21516 bytes)
Hash
90135ea44811b2d9610c33e07068fdb0
84ef1a8343877a598f1c7cbae56f35ded54a1787
bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 09:19:48 GMT
expires: Fri, 15 Mar 2024 09:19:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
content-type: font/woff2
age: 341989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWV4ewA.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWV4ewA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23704, version 1.0\012- data
Size
24 kB (23704 bytes)
Hash
3d4a6df8d47f0085c3bf7bd90563e9eb
f0d96d332787d0a8604f2b99dde7f3b947942cf5
d00bea31ec0d15e0e6013225b870d1f39fa2e26663d192c8520494c6156c0569

HTTP Headers

GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWV4ewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 09:10:55 GMT
expires: Fri, 15 Mar 2024 09:10:55 GMT
cache-control: public, max-age=31536000
age: 342522
last-modified: Mon, 15 Aug 2022 18:28:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

142.250.74.163

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22212, version 1.0\012- data
Size
22 kB (22212 bytes)
Hash
e62adebf67147c481b9c00011e2c5d48
3af42ef356fa413fd162c56a7b11b8d34a61cefb
17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 21:20:29 GMT
expires: Fri, 15 Mar 2024 21:20:29 GMT
cache-control: public, max-age=31536000
age: 298748
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBM.woff2

142.250.74.163

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBM.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20888, version 1.0\012- data
Size
21 kB (20888 bytes)
Hash
da96b6f7330646b7313acb1b80137aba
218894130a018911af360b4ff9bfcc09faa9d70f
aebffd4b2e57e4c51a2d007557cb8f59abea10a1aad8967e196e3a29af0c49d5

HTTP Headers

GET /s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20888
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 00:00:43 GMT
expires: Fri, 15 Mar 2024 00:00:43 GMT
cache-control: public, max-age=31536000
age: 375534
last-modified: Wed, 27 Apr 2022 15:44:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBU.woff

142.250.74.163

200 OK

27 kB

URL HTTP/2
fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBU.woff
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format, TrueType, length 27052, version 1.1\012- data
Size
27 kB (27052 bytes)
Hash
9d58e7b4b629813cb816bf589e31f894
0938dc0a0a87591c2284b96300e1070010411baa
b8789c30fcb6849ebf7f0c31a30115f537cad877095f17fab270891249222e05

HTTP Headers

GET /s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBU.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 16:02:08 GMT
expires: Thu, 14 Mar 2024 16:02:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:44:35 GMT
content-type: font/woff
age: 404249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN58AfvNQKBM.woff2

142.250.74.163

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN58AfvNQKBM.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20608, version 1.0\012- data
Size
21 kB (20608 bytes)
Hash
f18af2916db21abd3a2fb6a0adb5076e
7915bbcaedea8f78358072247b7d717642b10c4d
373be09cd4b2d30f131bbb890ac38a6aad6a0484cc305f7073789448cf97a5c9

HTTP Headers

GET /s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN58AfvNQKBM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Mar 2023 17:43:46 GMT
expires: Mon, 18 Mar 2024 17:43:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:44:05 GMT
content-type: font/woff2
age: 52551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

g2gesso.com.br/wp-content/uploads/2020/01/Foto-1.jpg

162.214.69.46

200 OK

227 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/Foto-1.jpg
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2015:11:17 10:48:34], baseline, precision 8, 672x492, components 3\012- data
Size
227 kB (227131 bytes)
Hash
05c24c3c90d7565366b56b906d6f71cf
deb0ddd424df696c15e93c950160dbb9ff596de3
c14c714ca5d6faa9b2ec1eba133a799942b44c7d3776a20801104c82387874aa

HTTP Headers

GET /wp-content/uploads/2020/01/Foto-1.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 14:02:14 GMT
Accept-Ranges: bytes
Content-Length: 227131
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

g2gesso.com.br/wp-content/uploads/2020/01/contato-icone.png

162.214.69.46

200 OK

4.7 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/contato-icone.png
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 30 x 30, 8-bit/color RGBA, interlaced\012- data
Size
4.7 kB (4655 bytes)
Hash
b42ba2fb4101ac938355df77d8f07f1b
3e87f67395292bb8ecc920feedaca0fe5a66ad81
9051467963278460d74ff4a51b43dc4603bcda6e3fcee343e19444cbafbf4471

HTTP Headers

GET /wp-content/uploads/2020/01/contato-icone.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Fri, 17 Jan 2020 12:08:49 GMT
Accept-Ranges: bytes
Content-Length: 4655
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

g2gesso.com.br/wp-content/plugins/revslider/public/assets/assets/dummy.png

162.214.69.46

200 OK

68 B

URL HTTP/1.1
g2gesso.com.br/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Mon, 16 Jan 2023 16:39:09 GMT
Accept-Ranges: bytes
Content-Length: 68
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 08:19:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwaPGQ.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwaPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 24304, version 1.0\012- data
Size
24 kB (24304 bytes)
Hash
ec7702db70b59daa5385159295fa09b8
15e1a857e1c059d0cf265f21fbd3d44607dc1c8a
799713218b50965769af63d5cddcb2f746fbeca66a8b78ea3024fc8b57f01beb

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh50XSwaPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 02:54:42 GMT
expires: Fri, 15 Mar 2024 02:54:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
content-type: font/woff2
age: 365095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXg.woff2

142.250.74.163

200 OK

25 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25284, version 1.0\012- data
Size
25 kB (25284 bytes)
Hash
26f5a0992b68bb38801b08a348288591
4dc2e90e40d35482883aea5fa535cfa4e15fd392
386a206aade080bb0045005cfdbb660430ed46d652039eef6bc299d54d7c43ed

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjxAwXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25284
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 14:35:24 GMT
expires: Thu, 14 Mar 2024 14:35:24 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:46:28 GMT
content-type: font/woff2
age: 409453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGQ.woff2

142.250.74.163

200 OK

25 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 24780, version 1.0\012- data
Size
25 kB (24780 bytes)
Hash
9e7827aaaf284662fe90803f0c3390d8
54a677e2d0e39ac9c7063068f42cf1eaed464c02
21d84ae6011313f56bed19d8067c8ffa780e6b8452c43b560c11d53af4c4c211

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwaPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 13:14:24 GMT
expires: Fri, 15 Mar 2024 13:14:24 GMT
cache-control: public, max-age=31536000
age: 327913
last-modified: Tue, 26 Apr 2022 15:56:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAUi-q.woff2

142.250.74.163

200 OK

26 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAUi-q.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 26328, version 1.0\012- data
Size
26 kB (26328 bytes)
Hash
19e8478516ae388feab5ff6f9d8bed31
a0cd323509a1bd6394c17825633483ab9bb9ecb5
984d8bd87a1c76937a6d31b6214c81cbc27a26d45a3e912b27a7b64c4ba8b72d

HTTP Headers

GET /s/lato/v23/S6u8w4BMUTPHjxsAUi-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 09:11:13 GMT
expires: Fri, 15 Mar 2024 09:11:13 GMT
cache-control: public, max-age=31536000
age: 342504
last-modified: Tue, 26 Apr 2022 15:46:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUhiZQ.woff2

142.250.74.163

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUhiZQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14768, version 1.0\012- data
Size
15 kB (14768 bytes)
Hash
cb40e587e2e015b6c55f8c162022936e
86d09ad03cdd635cd4ed08b9f05ea1e04cf396e7
6d0ed91894b8413a4b07b2be92ef30d7096e982a79ab8268586607e97e04f1bb

HTTP Headers

GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUhiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Mar 2023 17:43:20 GMT
expires: Mon, 18 Mar 2024 17:43:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:26:24 GMT
content-type: font/woff2
age: 52577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

g2gesso.com.br/wp-content/uploads/2020/01/Foto-4.jpg

162.214.69.46

200 OK

241 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/Foto-4.jpg
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2015:11:17 10:46:46], baseline, precision 8, 672x492, components 3\012- data
Size
241 kB (240927 bytes)
Hash
6df13f29c22f6f3cdcf63d4a89b3d3b6
db92a9053b670c0048c0fef15532f1c6ddc32c0c
cbc56ee6145ac1a1c9cd34030881e2b724c65ff32736bc65ac378707149b7ed1

HTTP Headers

GET /wp-content/uploads/2020/01/Foto-4.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 14:02:20 GMT
Accept-Ranges: bytes
Content-Length: 240927
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

g2gesso.com.br/wp-content/et-cache/notfound/et-divi-dynamic-late.css

162.214.69.46

200 OK

36 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/et-cache/notfound/et-divi-dynamic-late.css
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (7167)
Size
36 kB (36269 bytes)
Hash
60656065e406c929ff7d525c622bbc01
0550bc1c201c9ecf0336d3ece3f83d6c2dda40dc
8eea78e8d2fa3c6d4aea5cf874bb4213dfa2b7b76b1a7ae155230d98d0c4cfa7

HTTP Headers

GET /wp-content/et-cache/notfound/et-divi-dynamic-late.css HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 09 Mar 2023 06:25:57 GMT
Accept-Ranges: bytes
Content-Length: 36269
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

g2gesso.com.br/wp-content/uploads/2020/01/Logotipo.png

162.214.69.46

200 OK

32 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/Logotipo.png
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 300 x 198, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31872 bytes)
Hash
172c92f29a15cdd88df87e79374db423
dadaea467e073ad65b0cafccf78a2cf978657c43
6d1b4bc2466f9f1b9a8ec2cd0a1c4de2e33cf89a89ff6c71f65726cf9650c41e

HTTP Headers

GET /wp-content/uploads/2020/01/Logotipo.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 13:08:35 GMT
Accept-Ranges: bytes
Content-Length: 31872
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff

162.214.69.46

200 OK

6.3 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 6304, version 2.4\012- data
Size
6.3 kB (6304 bytes)
Hash
77e54546399d360e2e833894dc7ec6ef
7e1e182df2c6788ea81c0e03e8611cf4c0ed1ed0
4c8864d71ebc87c2fbb4c3a2f74693f7b4869575aae806b90e5c8fe0dc0cea7f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 09 Mar 2023 05:05:32 GMT
Accept-Ranges: bytes
Content-Length: 6304
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff

g2gesso.com.br/wp-content/uploads/2020/01/home-icone.png

162.214.69.46

200 OK

1.1 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/home-icone.png
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1059 bytes)
Hash
a901e5e59103c4e36eb38e7fc0f57808
8cb7ac92002e692547cad5b932e9ad2d2fc73ea1
7992745b4f46e498f9bca9841d7be298cd9241edcf37f993c67d2cea1d5cf4b4

HTTP Headers

GET /wp-content/uploads/2020/01/home-icone.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 12:00:53 GMT
Accept-Ranges: bytes
Content-Length: 1059
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

g2gesso.com.br/wp-content/uploads/2020/01/empresa-icone.png

162.214.69.46

200 OK

1.5 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/empresa-icone.png
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1528 bytes)
Hash
7cf4faf67d85abc61da2106a36e47657
31a1aac592c600459b79bbe7292be1d960d3a690
a42770de0d6f1b6d2067edcdeded1cb797925cf906a51c521a1961556ea00175

HTTP Headers

GET /wp-content/uploads/2020/01/empresa-icone.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 12:00:55 GMT
Accept-Ranges: bytes
Content-Length: 1528
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

g2gesso.com.br/wp-content/uploads/2020/01/Foto-2.jpg

162.214.69.46

200 OK

197 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/Foto-2.jpg
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2015:11:17 10:46:30], baseline, precision 8, 672x492, components 3\012- data
Size
197 kB (196772 bytes)
Hash
b5a7a9518eb708618a0ffbcc2a31273d
925aa17ca981dccdc0652ea9524e7964f53b19aa
56e336d8fae988c3daf4b4a1293bd520804b84b31e10578fff36c90f3a325313

HTTP Headers

GET /wp-content/uploads/2020/01/Foto-2.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 14:02:16 GMT
Accept-Ranges: bytes
Content-Length: 196772
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

g2gesso.com.br/wp-content/uploads/2020/01/favicon.png

162.214.69.46

200 OK

42 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/favicon.png
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42075 bytes)
Hash
c2b303087324ca48eff297e4f25c4919
f4a96630e402e1a492839e47b94bef319972d273
9c3f717d630c9a7766a23a0778e06ebd80efffcb599c3495962e6e052e64c060

HTTP Headers

GET /wp-content/uploads/2020/01/favicon.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 17:03:19 GMT
Accept-Ranges: bytes
Content-Length: 42075
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

g2gesso.com.br/wp-content/uploads/2020/01/servi%C3%A7os-icone.png

162.214.69.46

200 OK

1.3 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/servi%C3%A7os-icone.png
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1323 bytes)
Hash
23357f27f44678baa1205da2e73789db
d67ac3de33ddf11c1f0c1c2f284ad15cde90e754
e62899ea0bb6ff767a6c4eaa5b66c2fbbfe147da35ddea75bc410c2eba2ee601

HTTP Headers

GET /wp-content/uploads/2020/01/servi%C3%A7os-icone.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 12:00:52 GMT
Accept-Ranges: bytes
Content-Length: 1323
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

g2gesso.com.br/wp-content/uploads/2020/01/texturaazul.jpg

162.214.69.46

200 OK

285 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/texturaazul.jpg
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1200, components 3\012- data
Size
285 kB (285280 bytes)
Hash
b83c0cb9c92063c293b95e23281aef1b
558f64a16c23d61c1669c7aba007af43a3dcd243
04b8ad1ee03d56bcf056c163b7dfe215debd1809941ee16300b3cd1f56629682

HTTP Headers

GET /wp-content/uploads/2020/01/texturaazul.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 13:26:19 GMT
Accept-Ranges: bytes
Content-Length: 285280
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

162.214.69.46

200 OK

92 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 92476, version 2.4\012- data
Size
92 kB (92476 bytes)
Hash
7d04c782e3ec7b655cb15e50245c4c49
6ac6c03ebcebc29f36f09525ae9564f12240776d
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; _ga_9P6QK3CBCC=GS1.1.1679300377.1.0.1679300377.0.0.0; _ga=GA1.1.517482383.1679300377
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 09 Mar 2023 05:05:32 GMT
Accept-Ranges: bytes
Content-Length: 92476
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff

g2gesso.com.br/wp-content/uploads/2020/01/Foto-3.jpg

162.214.69.46

200 OK

289 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/Foto-3.jpg
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2015:11:17 10:48:59], baseline, precision 8, 672x492, components 3\012- data
Size
289 kB (288682 bytes)
Hash
66f3d93d7c7adfa552367ca5a0604099
c7e13910918598e9b3251625e38a28b7beaf5360
d901159cf192bbabdf7c86644eb7270421ef86e5abb9e9d00f834c9da7288be7

HTTP Headers

GET /wp-content/uploads/2020/01/Foto-3.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 14:02:18 GMT
Accept-Ranges: bytes
Content-Length: 288682
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

region1.google-analytics.com/g/collect?v=2&tid=G-9P6QK3CBCC&gtm=45je33f0&_p=2012381088&cid=517482383.1679300377&ul=en-us&sr=1280x1024&_s=1&sid=1679300377&sct=1&seg=0&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-9P6QK3CBCC&gtm=45je33f0&_p=2012381088&cid=517482383.1679300377&ul=en-us&sr=1280x1024&_s=1&sid=1679300377&sct=1&seg=0&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9P6QK3CBCC&gtm=45je33f0&_p=2012381088&cid=517482383.1679300377&ul=en-us&sr=1280x1024&_s=1&sid=1679300377&sct=1&seg=0&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://g2gesso.com.br
date: Mon, 20 Mar 2023 08:19:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

g2gesso.com.br/wp-content/uploads/2020/01/Banner01-1.jpg

162.214.69.46

200 OK

284 kB

URL HTTP/1.1
g2gesso.com.br/wp-content/uploads/2020/01/Banner01-1.jpg
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1500x464, components 3\012- data
Size
284 kB (283570 bytes)
Hash
e85e9406e50de4ef3e05059d1c6407c5
79e1372d777bd7a200cadea40ca372abbfa9814b
5e5e7ee7213c0280cd00eb23fc7fbe368fbe767d8b0a4515fa4284d9239a044e

HTTP Headers

GET /wp-content/uploads/2020/01/Banner01-1.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; _ga_9P6QK3CBCC=GS1.1.1679300377.1.0.1679300377.0.0.0; _ga=GA1.1.517482383.1679300377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 13:30:36 GMT
Accept-Ranges: bytes
Content-Length: 283570
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

www.google-analytics.com/analytics.js

142.250.74.78

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 20 Mar 2023 08:12:29 GMT
expires: Mon, 20 Mar 2023 10:12:29 GMT
cache-control: public, max-age=7200
age: 429
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2012381088&t=pageview&_s=1&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=YCDACUABBAAAACAAI~&jid=1507064594&gjid=1079220495&cid=517482383.1679300377&tid=UA-198107375-1&_gid=549972745.1679300378&_r=1&gtm=457e33f0&did=dZTNiMT&gdid=dZTNiMT&z=214434761

142.250.74.78

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2012381088&t=pageview&_s=1&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=YCDACUABBAAAACAAI~&jid=1507064594&gjid=1079220495&cid=517482383.1679300377&tid=UA-198107375-1&_gid=549972745.1679300378&_r=1&gtm=457e33f0&did=dZTNiMT&gdid=dZTNiMT&z=214434761
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j99&aip=1&a=2012381088&t=pageview&_s=1&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=YCDACUABBAAAACAAI~&jid=1507064594&gjid=1079220495&cid=517482383.1679300377&tid=UA-198107375-1&_gid=549972745.1679300378&_r=1&gtm=457e33f0&did=dZTNiMT&gdid=dZTNiMT&z=214434761 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://g2gesso.com.br
date: Mon, 20 Mar 2023 08:19:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

g2gesso.com.br/favicon.ico

162.214.69.46

200 OK

23 kB

URL HTTP/1.1
g2gesso.com.br/favicon.ico
IP
162.214.69.46:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data
Size
23 kB (23090 bytes)
Hash
1ae9bbcddbbbee52f18c4465822b1627
7171df04afd05dde861ebb6b04f36aa20680e505
8a07543b9c241cc247c4b3caf3c29ba323e12a44103672e88890a8a7152eeb43

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; _ga_9P6QK3CBCC=GS1.1.1679300377.1.0.1679300377.0.0.0; _ga=GA1.1.517482383.1679300377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:38 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 11:51:08 GMT
Accept-Ranges: bytes
Content-Length: 23090
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/x-icon

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL