r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
MD5 28774b36cf8bb6b054329393a33f6239
SHA-1 728313ddff6d5ceb6db3eb8445f039779616a140
SHA-256 08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7668
Expires: Mon, 20 Mar 2023 10:27:20 GMT
Date: Mon, 20 Mar 2023 08:19:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
MD5 ec332b81a27117ce9c16b67a5a8e4fac
SHA-1 b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
SHA-256 1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13417
Expires: Mon, 20 Mar 2023 12:03:09 GMT
Date: Mon, 20 Mar 2023 08:19:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
MD5 eddc2a353d39e5ce5c30d7e90b3ed6a5
SHA-1 305e86e4b966344c135c50af9a6509ffd3a83e9e
SHA-256 bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14790
Expires: Mon, 20 Mar 2023 12:26:02 GMT
Date: Mon, 20 Mar 2023 08:19:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
MD5 bc86ef2a0cee04915bc360f5821adc8f
SHA-1 3658f9028cce204d38f7f48fcfaa2a8e4f54383a
SHA-256 aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Mar 2023 08:14:53 GMT
content-type: application/json
age: 279
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
MD5 e7bace7c1e04d44012e37ddffe36e5d5
SHA-1 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
SHA-256 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uTk5iR6tfyGUlpHh8A+GSqFpCynBRuPA9H0/VJ+DiRuIg+WkEW+PWJn/azVewZb4P8qAovwg7hMTCOjJhTs94Q==
x-amz-request-id: DCQXK8EGX73M3ARK
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Mar 2023 07:58:37 GMT
age: 1255
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
g2gesso.com.br/cc/auth.php
162.214.69.46 301 Moved Permanently 242 B URL HTTP/1.1 g2gesso.com.br/cc/auth.php
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text, exported SGML document, ASCII text
MD5 127f1f7bbb97849e937a86f27891805f
SHA-1 9ae9533e3932cf8e14bede156aacf1a00a29fd75
SHA-256 4e6ae13f3177998771c0edee5b24ad5a1b24061d0532b14760c663c6535a5cfe
Analyzer verdict: Alert (fortinet: Phishing)
GET /cc/auth.php HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 20 Mar 2023 08:19:32 GMT
Server: Apache
Location: https://g2gesso.com.br/cc/auth.php
Content-Length: 242
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 08:19:33 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
MD5 0333b0655111aa68de771adfcc4db243
SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 08:14:32 GMT
age: 301
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
MD5 3462d41d9283fedf24f278089d5d1570
SHA-1 b8bcea77656f775cdc34620322cc616216ed2b95
SHA-256 55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6003
Expires: Mon, 20 Mar 2023 09:59:36 GMT
Date: Mon, 20 Mar 2023 08:19:33 GMT
Connection: keep-alive
push.services.mozilla.com/
35.164.248.86 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.248.86:0
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gHeBWJsH43d+Vlk+ZtAPlg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mMXjgChuDz6IKOFCtqfCKq1AbxA=
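The 101 exchange above is a WebSocket opening handshake. RFC 6455 ties the two sides together through one value: the server's Sec-WebSocket-Accept must equal base64(SHA-1(Sec-WebSocket-Key + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11")), and a client that gets any other value must fail the connection. The block below is an added example, not code from this page, from Firefox or from the push service: it recomputes that value from a captured key/accept pair and runs the other header checks a reviewer applies to an upgrade (Upgrade and Connection tokens on both sides, version 13, a 16-byte key, and no subprotocol in the response that the client did not offer). The two header dicts are constructed from the request and response lines above, reduced to the handshake-relevant fields; running the block reports whether that captured pair verifies.

```python
"""Check a captured WebSocket opening handshake against RFC 6455 section 4."""
import base64
import binascii
import hashlib

WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # fixed GUID from RFC 6455

# Constructed from the push.services.mozilla.com exchange recorded above
# (only the handshake-relevant headers are kept).
CAPTURED_REQUEST = {
    "Upgrade": "websocket",
    "Connection": "keep-alive, Upgrade",
    "Sec-WebSocket-Version": "13",
    "Sec-WebSocket-Key": "gHeBWJsH43d+Vlk+ZtAPlg==",
    "Sec-WebSocket-Protocol": "push-notification",
}
CAPTURED_RESPONSE = {
    "Connection": "Upgrade",
    "Upgrade": "websocket",
    "Sec-WebSocket-Accept": "mMXjgChuDz6IKOFCtqfCKq1AbxA=",
}


def expected_accept(client_key):
    """Sec-WebSocket-Accept = base64(SHA-1(key || GUID)), RFC 6455 4.2.2."""
    digest = hashlib.sha1((client_key.strip() + WS_GUID).encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")


def key_is_well_formed(client_key):
    """The key must be the base64 encoding of exactly 16 random bytes."""
    try:
        return len(base64.b64decode(client_key, validate=True)) == 16
    except (binascii.Error, ValueError):
        return False


def _tokens(header_value):
    return {t.strip().lower() for t in header_value.split(",") if t.strip()}


def check_handshake(request, response, status=101):
    """Per-check results for one upgrade; header names are matched case-insensitively."""
    req = {k.lower(): v for k, v in request.items()}
    resp = {k.lower(): v for k, v in response.items()}
    key = req.get("sec-websocket-key", "")
    offered = _tokens(req.get("sec-websocket-protocol", ""))
    chosen = resp.get("sec-websocket-protocol")
    return {
        "status_101": status == 101,
        "request_upgrade": req.get("upgrade", "").lower() == "websocket"
        and "upgrade" in _tokens(req.get("connection", "")),
        "response_upgrade": resp.get("upgrade", "").lower() == "websocket"
        and "upgrade" in _tokens(resp.get("connection", "")),
        "version_13": req.get("sec-websocket-version") == "13",
        "key_well_formed": key_is_well_formed(key),
        "accept_matches": resp.get("sec-websocket-accept") == expected_accept(key),
        # A server may select none of the offered subprotocols (as above) but must
        # not name one the client did not offer (RFC 6455 4.1, client requirements).
        "subprotocol_ok": chosen is None or chosen.strip().lower() in offered,
    }


def handshake_ok(request, response, status=101):
    return all(check_handshake(request, response, status).values())


if __name__ == "__main__":
    for name, result in check_handshake(CAPTURED_REQUEST, CAPTURED_RESPONSE).items():
        print(f"{name:>17}: {result}")
```

The accept value is not a secret and not a signature; it only proves the server understood the upgrade rather than echoing a cached or proxied response, which is why the key must be fresh per connection.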
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
MD5 de95776582936b8e129e876cf6d80fa8
SHA-1 0233251e1cf0123f1260d980d7c8ef92718723f9
SHA-256 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12931
Expires: Mon, 20 Mar 2023 11:55:06 GMT
Date: Mon, 20 Mar 2023 08:19:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
MD5 302595cc68fe8cf12121d0f652b3194d
SHA-1 e5532a3fed552246e8a63ea2ba75e174273a7b9f
SHA-256 6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 388_JExXl_vwNTUh_69QfjoGz-cNeQwwrp6kpAP1Hhv3VvtgeeXbrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:55:31 GMT
age: 37444
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9509282-2846-486c-aca4-fc2e2da04b09.webp
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9509282-2846-486c-aca4-fc2e2da04b09.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
MD5 1100f09022852609077bf427f7ce49cd
SHA-1 352e2e60702ca76d7308bbbee83ef7c1413c5b0c
SHA-256 d1cf4a7974bb384cf13448a6aecc5f6bbd387e0eeb60d696df35acfd5231a46b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9509282-2846-486c-aca4-fc2e2da04b09.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11394
x-amzn-requestid: cda4fbe4-0b4e-4836-839a-54f4e40d61a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDVOEZ7oAMFZwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f54-17fbfda14a9a37e523ca5d54;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ZTTTWfKeikORTA2LNaw0Y53oUvqRI-WNFJ28Mu8NzVruBHPkB0VswA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:15:29 GMT
age: 36246
etag: "352e2e60702ca76d7308bbbee83ef7c1413c5b0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6d92bde-aeaf-4220-ab31-32d913cebcbf.png
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6d92bde-aeaf-4220-ab31-32d913cebcbf.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
MD5 df9bad66ead39008462af08bda8ff3cb
SHA-1 816a0f35e0cf37329fa233a8fefe9a8addf04edc
SHA-256 f1bf32da41b171c73b741c247ddfbc91d2e82daba395fde6798de3a2571f3fc3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6d92bde-aeaf-4220-ab31-32d913cebcbf.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9844
x-amzn-requestid: 05aa623d-9c20-49ff-a68d-323d0dcf4d59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDEhgFXzoAMFvMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417813c-078768b7057ff73c29e5514b;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:40:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: AOhxtm5AelyUDMj3ZY3nYaHSJV2steyS9Yqi9CPpsos7lOelfxy6PA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:50:29 GMT
age: 37746
etag: "816a0f35e0cf37329fa233a8fefe9a8addf04edc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
MD5 78453ba98b72eff3879ef163b59c86ed
SHA-1 80519bb3726ee1f9f211344cd433cefaed3a7f2e
SHA-256 61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xfkObFQbeYQQjIJ4FWQ7xKbH5FPxBQ1vkTDCwWCM6IcAAu8H31BNhQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:04:48 GMT
age: 4487
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
MD5 2dd89721d1aeaf671e76434c7d8a4ad7
SHA-1 a3dedec80d68e8f0326548d03b0e594ffc87ecd1
SHA-256 ff593609540ed01673c58483ce57a40cc712000d32427ccf2486fd0035728448
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6839
x-amzn-requestid: c478a5c6-cb9b-4324-be41-b79c32f99570
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDU6GKyoAMF6uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f52-180dc15d2627e08d3182a761;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QBgnZBxWku97O-CIkgmOTJe5g2DCZOozVhHj_0ViEP6w7hDeXPhmeg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:14:42 GMT
age: 36293
etag: "a3dedec80d68e8f0326548d03b0e594ffc87ecd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24e4aa78-0ee1-4b04-8fed-b9e18ef3dc8d.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24e4aa78-0ee1-4b04-8fed-b9e18ef3dc8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
MD5 dea3a1324b960e401a08c2cb04727426
SHA-1 8c37df5978cf6391f65828c045ee849d581504d3
SHA-256 d7a35e850cc1d912c1308c279d918005919bcfc30087934beaafcc792ac36e0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24e4aa78-0ee1-4b04-8fed-b9e18ef3dc8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9798
x-amzn-requestid: cb50a348-357d-470c-934a-41da54b6ecbe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDEj0H5goAMF1-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417814b-61658765317b3e9c781d7347;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: emnHxZdaHLcn6gr4_OncYwPHDVryfhlzyBtxIzV38nNkysvy34nZHQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:21:35 GMT
age: 35880
etag: "8c37df5978cf6391f65828c045ee849d581504d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
MD5 f1619e65eeac4c79d93deb418bb1b740
SHA-1 b1c592a47ab71569364b05c87362caef4dea7c67
SHA-256 7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 08:19:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-198107375-1
142.250.74.40 200 OK 61 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-198107375-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (3991)
MD5 d875a32dbec0955f261b059734b470a2
SHA-1 7252633e6ffe786cbf56d115b89e05814dc646db
SHA-256 cfcb8fa3031326848c1911aad25023b5c01d91118b0608709dd33b97fa74c51a
GET /gtag/js?id=UA-198107375-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 08:19:35 GMT
expires: Mon, 20 Mar 2023 08:19:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 61273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
MD5 f1619e65eeac4c79d93deb418bb1b740
SHA-1 b1c592a47ab71569364b05c87362caef4dea7c67
SHA-256 7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 08:19:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
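Every POST to r3.o.lencr.org above sends an 85-byte application/ocsp-request body and gets back a 503-byte response whose ETag is the SHA-256 of that response; the two POSTs to ocsp.pki.goog send 84 bytes. The request bytes themselves are not in the capture, but a minimal RFC 6960 OCSPRequest with a single CertID hashed with SHA-1, no nonce and no requestor signature comes to 67 bytes plus the content octets of the serial number INTEGER, so 85 corresponds to an 18-byte serial and 84 to a 17-byte one. The block below is an added example, not code from this page, from Firefox or from either responder: it hand-encodes such a request with placeholder issuer hashes and serial (constructed values), decodes it back, and shows that a nonce extension would change the length. That is how a reviewer can tell from Content-Length alone that these requests are nonce-free, which is consistent with the public, max-age Cache-Control the responders return.

```python
"""Hand-encode and decode a minimal RFC 6960 OCSPRequest to account for the
85-byte (r3.o.lencr.org) and 84-byte (ocsp.pki.goog) request bodies above."""

SHA1_OID = bytes.fromhex("2b0e03021a")            # 1.3.14.3.2.26 (id-sha1)
NONCE_OID = bytes.fromhex("2b0601050507300102")   # 1.3.6.1.5.5.7.48.1.2 (id-pkix-ocsp-nonce)


def der_length(n):
    """DER length octets: one byte below 128, 0x8N plus N big-endian bytes above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, content):
    return bytes([tag]) + der_length(len(content)) + content


def der_integer(unsigned_be):
    """INTEGER from unsigned big-endian octets; a leading 0x00 keeps it positive."""
    if unsigned_be[0] & 0x80:
        unsigned_be = b"\x00" + unsigned_be
    return tlv(0x02, unsigned_be)


def build_ocsp_request(issuer_name_hash, issuer_key_hash, serial, nonce=None):
    """OCSPRequest { TBSRequest { requestList { Request { CertID } } [, requestExtensions] } }."""
    alg_id = tlv(0x30, tlv(0x06, SHA1_OID) + tlv(0x05, b""))      # sha1 with NULL params
    cert_id = tlv(0x30, alg_id + tlv(0x04, issuer_name_hash)
                  + tlv(0x04, issuer_key_hash) + der_integer(serial))
    tbs = tlv(0x30, tlv(0x30, cert_id))                            # requestList( Request )
    if nonce is not None:                                          # requestExtensions [2]
        ext = tlv(0x30, tlv(0x06, NONCE_OID) + tlv(0x04, tlv(0x04, nonce)))
        tbs += tlv(0xA2, tlv(0x30, ext))
    return tlv(0x30, tlv(0x30, tbs))                               # OCSPRequest( TBSRequest )


def minimal_request_length(serial_content_len):
    """5 SEQUENCE headers (10) + AlgorithmIdentifier (11) + two 20-byte OCTET
    STRINGs (22 each) + INTEGER header (2) + the serial's content octets."""
    return 10 + 11 + 22 + 22 + 2 + serial_content_len


def iter_tlv(buf):
    """Yield (tag, content) for each TLV in a DER byte string."""
    i = 0
    while i < len(buf):
        tag, first = buf[i], buf[i + 1]
        i += 2
        if first & 0x80:
            n = first & 0x7F
            length, i = int.from_bytes(buf[i:i + n], "big"), i + n
        else:
            length = first
        yield tag, buf[i:i + length]
        i += length


def describe_ocsp_request(der):
    """What a reviewer wants from a captured body: hash algorithm, serial, nonce, signature."""
    parts = list(iter_tlv(next(iter_tlv(der))[1]))        # [tbsRequest, optionalSignature?]
    tbs = list(iter_tlv(parts[0][1]))
    request_list = next(c for t, c in tbs if t == 0x30)   # skip [0] version / [1] requestorName
    cert_id = next(iter_tlv(next(iter_tlv(request_list))[1]))[1]
    alg, name_hash, key_hash, serial = [c for _, c in iter_tlv(cert_id)]
    return {
        "length": len(der),
        "hash_oid": next(iter_tlv(alg))[1].hex(),
        "issuer_name_hash": name_hash.hex(),
        "issuer_key_hash": key_hash.hex(),
        "serial": serial.hex(),
        "has_nonce": any(t == 0xA2 for t, _ in tbs),
        "signed": len(parts) > 1,
    }


if __name__ == "__main__":
    # Placeholder hashes and serial (constructed); the real ones are not in the capture.
    req = build_ocsp_request(b"\x11" * 20, b"\x22" * 20, b"\x03" + b"\xab" * 17)
    print(len(req), describe_ocsp_request(req))
```

The same decoder applied to a real capture (for instance the POST body pulled out of a pcap) gives the issuer hashes and serial, which is enough to identify which certificate the browser was checking even though the response body is opaque here.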
g2gesso.com.br/cc/auth.php
162.214.69.46 404 Not Found 127 kB URL HTTP/1.1 g2gesso.com.br/cc/auth.php
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (26340)
Size 127 kB (127406 bytes)
MD5 59e93d72ac5eee703d201280535749dc
SHA-1 0ac33bebfedb1c9ca7d4bc390a59744d89f58890
SHA-256 9fce5bc1632e24b7e015e4cabdbda0dc722a063a9debef15f324e27a752b760f
Analyzer verdict: Alert (fortinet: Phishing)
GET /cc/auth.php HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Mon, 20 Mar 2023 08:19:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
WPO-Cache-Status: not cached
WPO-Cache-Message: The request extension is not suitable for caching
Link: <https://g2gesso.com.br/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
g2gesso.com.br/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1678343156
162.214.69.46 200 OK 7.9 kB URL HTTP/1.1 g2gesso.com.br/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1678343156
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7889), with no line terminators
Hash MD5 f0e747ebf23a855d70993dd3b935e553
Hash SHA-1 9e2b8c666fe183aaf2dc0b7e6e5b80c472236c14
Hash SHA-256 56f955fe552cc90c384985389d4f02c5822c523daddd903d097533564fbd7cf8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1678343156 HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 09 Mar 2023 06:25:56 GMT
Accept-Ranges: bytes
Content-Length: 7889
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-bc1d3cae.min.js
162.214.69.46 200 OK 982 kB URL HTTP/1.1 g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-bc1d3cae.min.js
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (45047)
Size 982 kB (982412 bytes)
Hash MD5 62fd5211e0f99948bceb9b2f9df75539
Hash SHA-1 ef053203d03e490d53862fcd445940ef7f75aa99
Hash SHA-256 a45ae94a6af18b9470a1e86ba7b2fd2b0ce3d0f234eb2b841d2a5abb1965583e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-bc1d3cae.min.js HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Sun, 19 Mar 2023 16:51:21 GMT
Accept-Ranges: bytes
Content-Length: 982412
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-55391668.min.js
162.214.69.46 200 OK 128 kB URL HTTP/1.1 g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-55391668.min.js
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Size 128 kB (128143 bytes)
Hash MD5 62e011ea046dcc2ef2be6e748c8c5b5b
Hash SHA-1 0589a4ba2ae4a4451cdc6eae2f0aa5e8c9a24366
Hash SHA-256 a5e0ac152323bf1bf0cb56f0b4b896a0ce2f83c29f0cd9c001a4f260825e0a5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-55391668.min.js HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Sun, 19 Mar 2023 16:43:21 GMT
Accept-Ranges: bytes
Content-Length: 128143
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css
162.214.69.46 200 OK 162 kB URL HTTP/1.1 g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Size 162 kB (161729 bytes)
Hash MD5 31e6ffdc9494a995206726034566f09f
Hash SHA-1 2248bad00b23ab85946ef3525a3557e30cd13b85
Hash SHA-256 a13ea9fc2572c3b6be47c27845a1b9a47f2a92c04866e3bcaa8656bf7e538aa8
GET /wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Sun, 19 Mar 2023 16:51:20 GMT
Accept-Ranges: bytes
Content-Length: 161729
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-85a51719.min.css
162.214.69.46 200 OK 471 B URL HTTP/1.1 g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-85a51719.min.css
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash MD5 55ad4123e19b3babc18ece16b13ff042
Hash SHA-1 97d003194e3a29a4f64596b981b5a4a730e263c9
Hash SHA-256 3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
GET /wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-85a51719.min.css HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Sun, 19 Mar 2023 16:43:22 GMT
Accept-Ranges: bytes
Content-Length: 146602
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
142.250.74.163 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22084, version 1.0; data
Hash MD5 bab4daa6bec06781aa7262eca0be0ed4
Hash SHA-1 b896fcea50433114a0433c9c8117677a875f1116
Hash SHA-256 ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 13:49:51 GMT
expires: Thu, 14 Mar 2024 13:49:51 GMT
cache-control: public, max-age=31536000
age: 412186
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
142.250.74.163 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21516, version 1.0; data
Hash MD5 90135ea44811b2d9610c33e07068fdb0
Hash SHA-1 84ef1a8343877a598f1c7cbae56f35ded54a1787
Hash SHA-256 bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 09:19:48 GMT
expires: Fri, 15 Mar 2024 09:19:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
content-type: font/woff2
age: 341989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWV4ewA.woff2
142.250.74.163 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWV4ewA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23704, version 1.0; data
Hash MD5 3d4a6df8d47f0085c3bf7bd90563e9eb
Hash SHA-1 f0d96d332787d0a8604f2b99dde7f3b947942cf5
Hash SHA-256 d00bea31ec0d15e0e6013225b870d1f39fa2e26663d192c8520494c6156c0569
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWV4ewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 09:10:55 GMT
expires: Fri, 15 Mar 2024 09:10:55 GMT
cache-control: public, max-age=31536000
age: 342522
last-modified: Mon, 15 Aug 2022 18:28:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
142.250.74.163 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22212, version 1.0; data
Hash MD5 e62adebf67147c481b9c00011e2c5d48
Hash SHA-1 3af42ef356fa413fd162c56a7b11b8d34a61cefb
Hash SHA-256 17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 21:20:29 GMT
expires: Fri, 15 Mar 2024 21:20:29 GMT
cache-control: public, max-age=31536000
age: 298748
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBM.woff2
142.250.74.163 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBM.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20888, version 1.0; data
Hash MD5 da96b6f7330646b7313acb1b80137aba
Hash SHA-1 218894130a018911af360b4ff9bfcc09faa9d70f
Hash SHA-256 aebffd4b2e57e4c51a2d007557cb8f59abea10a1aad8967e196e3a29af0c49d5
GET /s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20888
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 00:00:43 GMT
expires: Fri, 15 Mar 2024 00:00:43 GMT
cache-control: public, max-age=31536000
age: 375534
last-modified: Wed, 27 Apr 2022 15:44:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBU.woff
142.250.74.163 200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBU.woff
IP 142.250.74.163:0
File type Web Open Font Format, TrueType, length 27052, version 1.1; data
Hash MD5 9d58e7b4b629813cb816bf589e31f894
Hash SHA-1 0938dc0a0a87591c2284b96300e1070010411baa
Hash SHA-256 b8789c30fcb6849ebf7f0c31a30115f537cad877095f17fab270891249222e05
GET /s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNQKBU.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 16:02:08 GMT
expires: Thu, 14 Mar 2024 16:02:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:44:35 GMT
content-type: font/woff
age: 404249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN58AfvNQKBM.woff2
142.250.74.163 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN58AfvNQKBM.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20608, version 1.0; data
Hash MD5 f18af2916db21abd3a2fb6a0adb5076e
Hash SHA-1 7915bbcaedea8f78358072247b7d717642b10c4d
Hash SHA-256 373be09cd4b2d30f131bbb890ac38a6aad6a0484cc305f7073789448cf97a5c9
GET /s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN58AfvNQKBM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Mar 2023 17:43:46 GMT
expires: Mon, 18 Mar 2024 17:43:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:44:05 GMT
content-type: font/woff2
age: 52551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
g2gesso.com.br/wp-content/uploads/2020/01/Foto-1.jpg
162.214.69.46 200 OK 227 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/Foto-1.jpg
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2015:11:17 10:48:34], baseline, precision 8, 672x492, components 3; data
Size 227 kB (227131 bytes)
Hash MD5 05c24c3c90d7565366b56b906d6f71cf
Hash SHA-1 deb0ddd424df696c15e93c950160dbb9ff596de3
Hash SHA-256 c14c714ca5d6faa9b2ec1eba133a799942b44c7d3776a20801104c82387874aa
GET /wp-content/uploads/2020/01/Foto-1.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 14:02:14 GMT
Accept-Ranges: bytes
Content-Length: 227131
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
g2gesso.com.br/wp-content/uploads/2020/01/contato-icone.png
162.214.69.46 200 OK 4.7 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/contato-icone.png
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 30 x 30, 8-bit/color RGBA, interlaced; data
Hash MD5 b42ba2fb4101ac938355df77d8f07f1b
Hash SHA-1 3e87f67395292bb8ecc920feedaca0fe5a66ad81
Hash SHA-256 9051467963278460d74ff4a51b43dc4603bcda6e3fcee343e19444cbafbf4471
GET /wp-content/uploads/2020/01/contato-icone.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Fri, 17 Jan 2020 12:08:49 GMT
Accept-Ranges: bytes
Content-Length: 4655
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
g2gesso.com.br/wp-content/plugins/revslider/public/assets/assets/dummy.png
162.214.69.46 200 OK 68 B URL HTTP/1.1 g2gesso.com.br/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced; data
Hash MD5 2a637d3d825673c0e3462fa4ed9a1c5c
Hash SHA-1 81668d396da22832d75a986407ff10035e0d5899
Hash SHA-256 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Mon, 16 Jan 2023 16:39:09 GMT
Accept-Ranges: bytes
Content-Length: 68
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash MD5 55ad4123e19b3babc18ece16b13ff042
Hash SHA-1 97d003194e3a29a4f64596b981b5a4a730e263c9
Hash SHA-256 3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 08:19:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
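Added example (my own code, not the sandbox vendor's tooling): a parser for the capture layout used on this page, with the two checks a responder wants before lifting indicators out of it. It assumes only what the dump shows: each entry opens with a bare host/path line, the summary line fuses the IP and the HTTP status ("162.214.69.46404 Not Found"; a separating space is accepted too), the three hashes are MD5, SHA-1 and SHA-256 in that order, and "Analyzer Verdict" lines carry the vendor flags. On this capture it surfaces that the /cc/auth.php request is the landing navigation (Sec-Fetch-Site: none with Sec-Fetch-Mode: navigate, so it was opened from outside any web page, e.g. a mail client) and that the 127 kB 404 body came from WordPress itself (the Link: <.../wp-json/> and WPO-Cache headers), i.e. the site's 404 template rather than kit content; and that the footer CSS entry above reports 471 B and carries exactly the MD5/SHA-1/SHA-256 of the 471-byte OCSP response directly above while its own Content-Length says 146602, so those hashes should not go into a blocklist as "the CSS file". The sample input is an excerpt of three entries from this page, trimmed to the lines the parser reads.

```python
"""Added example, not the report's own tooling: parse the capture dump format used on this page."""
import re

HEX_RE = re.compile(r"^[0-9a-f]{32}$|^[0-9a-f]{40}$|^[0-9a-f]{64}$")
# Summary line "<ip><status> <reason> <size> ...": the tool fuses IP and status; a space is accepted too.
SUMMARY_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}) ?(\d{3}) .*? (\d+(?:\.\d+)? [kMG]?B)\b")
REQ_RE = re.compile(r"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/")
RESP_RE = re.compile(r"^HTTP/[\d.]+ (\d{3})")
HEADER_RE = re.compile(r"^([A-Za-z][A-Za-z0-9-]*): (.*)$")
UNITS = {"B": 1, "kB": 1000, "MB": 1000**2, "GB": 1000**3}

def parse_capture(text):
    """One record per bare host/path line: metadata (summary, Size, hashes, verdicts), request, response."""
    records, rec, phase = [], None, "meta"
    for line in (l.strip() for l in text.splitlines()):
        # Record start: no spaces, no header colon, a dotted host, and not a bare SHA-1/SHA-256 line.
        if line and " " not in line and ":" not in line and "." in line and not HEX_RE.match(line):
            rec = {"url": line, "ip": "", "status": 0, "reported": "", "size": None,
                   "hashes": [], "verdicts": [], "method": "", "req": {}, "resp": {}}
            records.append(rec)
            phase = "meta"
        elif not line or rec is None:
            pass
        elif phase == "meta":
            if m := REQ_RE.match(line):
                rec["method"], phase = m.group(1), "request"
            elif m := SUMMARY_RE.match(line):
                rec["ip"], rec["status"], rec["reported"] = m.group(1), int(m.group(2)), m.group(3)
            elif m := re.match(r"^Size .*\((\d+) bytes\)", line):
                rec["size"] = int(m.group(1))
            elif line.startswith("Hash ") or HEX_RE.match(line):
                rec["hashes"].append(line.split()[-1])  # MD5, SHA-1, SHA-256, in that order
            elif line.startswith("Analyzer Verdict "):
                rec["verdicts"].append(line[len("Analyzer Verdict "):])
        elif phase == "request" and (m := RESP_RE.match(line)):
            rec["status"], phase = int(m.group(1)), "response"
        elif m := HEADER_RE.match(line):
            (rec["req"] if phase == "request" else rec["resp"])[m.group(1).lower()] = m.group(2)
    return records

def consistency_issues(records):
    """Reported size vs Content-Length, and one body hash attributed to several URLs."""
    issues, first_seen = [], {}
    for r in records:
        clen = r["resp"].get("content-length")
        if clen and r["reported"]:
            num, unit = r["reported"].split()
            if abs(int(clen) - float(num) * UNITS[unit]) > max(0.1 * int(clen), 1000):
                issues.append(f"{r['url']}: reported {r['reported']} but Content-Length {clen}")
        for h in (h for h in r["hashes"] if len(h) == 64):
            if h in first_seen and first_seen[h] != r["url"]:
                issues.append(f"{r['url']}: SHA-256 {h[:12]}... also reported for {first_seen[h]}")
            first_seen.setdefault(h, r["url"])
    return issues

def indicators(records):
    """Hosts/IPs contacted, analyzer-flagged URLs, the landing navigation, and what each page loaded."""
    loaded_by = {}
    for r in records:
        if ref := r["req"].get("referer"):
            loaded_by.setdefault(ref, []).append(r["url"])
    return {
        "hosts": sorted({r["url"].split("/", 1)[0] for r in records}),
        "ips": sorted({r["ip"] for r in records if r["ip"]}),
        "flagged": [r["url"] for r in records if r["verdicts"]],
        # Sec-Fetch-Site: none on a navigation = not triggered by any page (typed, bookmark, mail client)
        "entry_points": [r["url"] for r in records
                         if r["req"].get("sec-fetch-mode") == "navigate"
                         and r["req"].get("sec-fetch-site") == "none"],
        "loaded_by": loaded_by,
    }

# Constructed input: three entries copied from the capture on this page, trimmed to the lines used.
SAMPLE = """\
g2gesso.com.br/cc/auth.php
162.214.69.46404 Not Found 127 kB URL HTTP/1.1 g2gesso.com.br/cc/auth.php
Size 127 kB (127406 bytes)
Hash 59e93d72ac5eee703d201280535749dc
9fce5bc1632e24b7e015e4cabdbda0dc722a063a9debef15f324e27a752b760f
Analyzer Verdict Alert fortinet Phishing
GET /cc/auth.php HTTP/1.1
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
HTTP/1.1 404 Not Found
Transfer-Encoding: chunked
g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-85a51719.min.css
162.214.69.46200 OK 471 B URL HTTP/1.1 g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-85a51719.min.css
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
GET /wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-footer-85a51719.min.css HTTP/1.1
Referer: https://g2gesso.com.br/cc/auth.php
HTTP/1.1 200 OK
Content-Length: 146602
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
POST /gts1c3 HTTP/1.1
HTTP/1.1 200 OK
Content-Length: 471
"""
RECORDS = parse_capture(SAMPLE)
```

Run it on the whole dump rather than the excerpt and `indicators()` gives the host/IP set and the Referer tree, which separates the phishing landing request from the theme assets and Google fonts it pulled in; `consistency_issues()` is the gate before any hash from the report is promoted to a detection.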
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwaPGQ.woff2
142.250.74.163 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwaPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24304, version 1.0; data
Hash MD5 ec7702db70b59daa5385159295fa09b8
Hash SHA-1 15e1a857e1c059d0cf265f21fbd3d44607dc1c8a
Hash SHA-256 799713218b50965769af63d5cddcb2f746fbeca66a8b78ea3024fc8b57f01beb
GET /s/lato/v23/S6u9w4BMUTPHh50XSwaPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 02:54:42 GMT
expires: Fri, 15 Mar 2024 02:54:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
content-type: font/woff2
age: 365095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXg.woff2
142.250.74.163 200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 25284, version 1.0; data
Hash MD5 26f5a0992b68bb38801b08a348288591
Hash SHA-1 4dc2e90e40d35482883aea5fa535cfa4e15fd392
Hash SHA-256 386a206aade080bb0045005cfdbb660430ed46d652039eef6bc299d54d7c43ed
GET /s/lato/v23/S6uyw4BMUTPHjxAwXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25284
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 14:35:24 GMT
expires: Thu, 14 Mar 2024 14:35:24 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:46:28 GMT
content-type: font/woff2
age: 409453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGQ.woff2
142.250.74.163 200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24780, version 1.0; data
Hash MD5 9e7827aaaf284662fe90803f0c3390d8
Hash SHA-1 54a677e2d0e39ac9c7063068f42cf1eaed464c02
Hash SHA-256 21d84ae6011313f56bed19d8067c8ffa780e6b8452c43b560c11d53af4c4c211
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwaPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 13:14:24 GMT
expires: Fri, 15 Mar 2024 13:14:24 GMT
cache-control: public, max-age=31536000
age: 327913
last-modified: Tue, 26 Apr 2022 15:56:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAUi-q.woff2
142.250.74.163 200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAUi-q.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 26328, version 1.0; data
Hash MD5 19e8478516ae388feab5ff6f9d8bed31
Hash SHA-1 a0cd323509a1bd6394c17825633483ab9bb9ecb5
Hash SHA-256 984d8bd87a1c76937a6d31b6214c81cbc27a26d45a3e912b27a7b64c4ba8b72d
GET /s/lato/v23/S6u8w4BMUTPHjxsAUi-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 09:11:13 GMT
expires: Fri, 15 Mar 2024 09:11:13 GMT
cache-control: public, max-age=31536000
age: 342504
last-modified: Tue, 26 Apr 2022 15:46:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUhiZQ.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUhiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 14768, version 1.0; data
Hash MD5 cb40e587e2e015b6c55f8c162022936e
Hash SHA-1 86d09ad03cdd635cd4ed08b9f05ea1e04cf396e7
Hash SHA-256 6d0ed91894b8413a4b07b2be92ef30d7096e982a79ab8268586607e97e04f1bb
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUhiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Mar 2023 17:43:20 GMT
expires: Mon, 18 Mar 2024 17:43:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:26:24 GMT
content-type: font/woff2
age: 52577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
g2gesso.com.br/wp-content/uploads/2020/01/Foto-4.jpg
162.214.69.46 200 OK 241 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/Foto-4.jpg
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2015:11:17 10:46:46], baseline, precision 8, 672x492, components 3
Size 241 kB (240927 bytes)
Hash 6df13f29c22f6f3cdcf63d4a89b3d3b6
db92a9053b670c0048c0fef15532f1c6ddc32c0c
cbc56ee6145ac1a1c9cd34030881e2b724c65ff32736bc65ac378707149b7ed1
GET /wp-content/uploads/2020/01/Foto-4.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 14:02:20 GMT
Accept-Ranges: bytes
Content-Length: 240927
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
g2gesso.com.br/wp-content/et-cache/notfound/et-divi-dynamic-late.css
162.214.69.46 200 OK 36 kB URL HTTP/1.1 g2gesso.com.br/wp-content/et-cache/notfound/et-divi-dynamic-late.css
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7167)
Hash 60656065e406c929ff7d525c622bbc01
0550bc1c201c9ecf0336d3ece3f83d6c2dda40dc
8eea78e8d2fa3c6d4aea5cf874bb4213dfa2b7b76b1a7ae155230d98d0c4cfa7
GET /wp-content/et-cache/notfound/et-divi-dynamic-late.css HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 09 Mar 2023 06:25:57 GMT
Accept-Ranges: bytes
Content-Length: 36269
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
g2gesso.com.br/wp-content/uploads/2020/01/Logotipo.png
162.214.69.46 200 OK 32 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/Logotipo.png
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 198, 8-bit/color RGBA, non-interlaced
Hash 172c92f29a15cdd88df87e79374db423
dadaea467e073ad65b0cafccf78a2cf978657c43
6d1b4bc2466f9f1b9a8ec2cd0a1c4de2e33cf89a89ff6c71f65726cf9650c41e
GET /wp-content/uploads/2020/01/Logotipo.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 13:08:35 GMT
Accept-Ranges: bytes
Content-Length: 31872
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff
162.214.69.46 200 OK 6.3 kB URL HTTP/1.1 g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 6304, version 2.4
Hash 77e54546399d360e2e833894dc7ec6ef
7e1e182df2c6788ea81c0e03e8611cf4c0ed1ed0
4c8864d71ebc87c2fbb4c3a2f74693f7b4869575aae806b90e5c8fe0dc0cea7f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 09 Mar 2023 05:05:32 GMT
Accept-Ranges: bytes
Content-Length: 6304
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff
g2gesso.com.br/wp-content/uploads/2020/01/home-icone.png
162.214.69.46 200 OK 1.1 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/home-icone.png
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Hash a901e5e59103c4e36eb38e7fc0f57808
8cb7ac92002e692547cad5b932e9ad2d2fc73ea1
7992745b4f46e498f9bca9841d7be298cd9241edcf37f993c67d2cea1d5cf4b4
GET /wp-content/uploads/2020/01/home-icone.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 12:00:53 GMT
Accept-Ranges: bytes
Content-Length: 1059
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
g2gesso.com.br/wp-content/uploads/2020/01/empresa-icone.png
162.214.69.46 200 OK 1.5 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/empresa-icone.png
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Hash 7cf4faf67d85abc61da2106a36e47657
31a1aac592c600459b79bbe7292be1d960d3a690
a42770de0d6f1b6d2067edcdeded1cb797925cf906a51c521a1961556ea00175
GET /wp-content/uploads/2020/01/empresa-icone.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 12:00:55 GMT
Accept-Ranges: bytes
Content-Length: 1528
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
g2gesso.com.br/wp-content/uploads/2020/01/Foto-2.jpg
162.214.69.46 200 OK 197 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/Foto-2.jpg
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2015:11:17 10:46:30], baseline, precision 8, 672x492, components 3
Size 197 kB (196772 bytes)
Hash b5a7a9518eb708618a0ffbcc2a31273d
925aa17ca981dccdc0652ea9524e7964f53b19aa
56e336d8fae988c3daf4b4a1293bd520804b84b31e10578fff36c90f3a325313
GET /wp-content/uploads/2020/01/Foto-2.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 14:02:16 GMT
Accept-Ranges: bytes
Content-Length: 196772
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
g2gesso.com.br/wp-content/uploads/2020/01/favicon.png
162.214.69.46 200 OK 42 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/favicon.png
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Hash c2b303087324ca48eff297e4f25c4919
f4a96630e402e1a492839e47b94bef319972d273
9c3f717d630c9a7766a23a0778e06ebd80efffcb599c3495962e6e052e64c060
GET /wp-content/uploads/2020/01/favicon.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 17:03:19 GMT
Accept-Ranges: bytes
Content-Length: 42075
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
g2gesso.com.br/wp-content/uploads/2020/01/servi%C3%A7os-icone.png
162.214.69.46 200 OK 1.3 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/servi%C3%A7os-icone.png
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Hash 23357f27f44678baa1205da2e73789db
d67ac3de33ddf11c1f0c1c2f284ad15cde90e754
e62899ea0bb6ff767a6c4eaa5b66c2fbbfe147da35ddea75bc410c2eba2ee601
GET /wp-content/uploads/2020/01/servi%C3%A7os-icone.png HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 12:00:52 GMT
Accept-Ranges: bytes
Content-Length: 1323
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
g2gesso.com.br/wp-content/uploads/2020/01/texturaazul.jpg
162.214.69.46 200 OK 285 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/texturaazul.jpg
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1200, components 3
Size 285 kB (285280 bytes)
Hash b83c0cb9c92063c293b95e23281aef1b
558f64a16c23d61c1669c7aba007af43a3dcd243
04b8ad1ee03d56bcf056c163b7dfe215debd1809941ee16300b3cd1f56629682
GET /wp-content/uploads/2020/01/texturaazul.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 13:26:19 GMT
Accept-Ranges: bytes
Content-Length: 285280
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
162.214.69.46 200 OK 92 kB URL HTTP/1.1 g2gesso.com.br/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 92476, version 2.4
Hash 7d04c782e3ec7b655cb15e50245c4c49
6ac6c03ebcebc29f36f09525ae9564f12240776d
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://g2gesso.com.br/wp-content/cache/wpo-minify/1679244201/assets/wpo-minify-header-c48e408b.min.css
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; _ga_9P6QK3CBCC=GS1.1.1679300377.1.0.1679300377.0.0.0; _ga=GA1.1.517482383.1679300377
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 09 Mar 2023 05:05:32 GMT
Accept-Ranges: bytes
Content-Length: 92476
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff
g2gesso.com.br/wp-content/uploads/2020/01/Foto-3.jpg
162.214.69.46 200 OK 289 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/Foto-3.jpg
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2015:11:17 10:48:59], baseline, precision 8, 672x492, components 3
Size 289 kB (288682 bytes)
Hash 66f3d93d7c7adfa552367ca5a0604099
c7e13910918598e9b3251625e38a28b7beaf5360
d901159cf192bbabdf7c86644eb7270421ef86e5abb9e9d00f834c9da7288be7
GET /wp-content/uploads/2020/01/Foto-3.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:36 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 14:02:18 GMT
Accept-Ranges: bytes
Content-Length: 288682
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
region1.google-analytics.com/g/collect?v=2&tid=G-9P6QK3CBCC&gtm=45je33f0&_p=2012381088&cid=517482383.1679300377&ul=en-us&sr=1280x1024&_s=1&sid=1679300377&sct=1&seg=0&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-9P6QK3CBCC&gtm=45je33f0&_p=2012381088&cid=517482383.1679300377&ul=en-us&sr=1280x1024&_s=1&sid=1679300377&sct=1&seg=0&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-9P6QK3CBCC&gtm=45je33f0&_p=2012381088&cid=517482383.1679300377&ul=en-us&sr=1280x1024&_s=1&sid=1679300377&sct=1&seg=0&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://g2gesso.com.br
date: Mon, 20 Mar 2023 08:19:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
g2gesso.com.br/wp-content/uploads/2020/01/Banner01-1.jpg
162.214.69.46 200 OK 284 kB URL HTTP/1.1 g2gesso.com.br/wp-content/uploads/2020/01/Banner01-1.jpg
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1500x464, components 3
Size 284 kB (283570 bytes)
Hash e85e9406e50de4ef3e05059d1c6407c5
79e1372d777bd7a200cadea40ca372abbfa9814b
5e5e7ee7213c0280cd00eb23fc7fbe368fbe767d8b0a4515fa4284d9239a044e
GET /wp-content/uploads/2020/01/Banner01-1.jpg HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; _ga_9P6QK3CBCC=GS1.1.1679300377.1.0.1679300377.0.0.0; _ga=GA1.1.517482383.1679300377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:37 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 13:30:36 GMT
Accept-Ranges: bytes
Content-Length: 283570
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.google-analytics.com/analytics.js
142.250.74.78 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 20 Mar 2023 08:12:29 GMT
expires: Mon, 20 Mar 2023 10:12:29 GMT
cache-control: public, max-age=7200
age: 429
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2012381088&t=pageview&_s=1&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=YCDACUABBAAAACAAI~&jid=1507064594&gjid=1079220495&cid=517482383.1679300377&tid=UA-198107375-1&_gid=549972745.1679300378&_r=1&gtm=457e33f0&did=dZTNiMT&gdid=dZTNiMT&z=214434761
142.250.74.78 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2012381088&t=pageview&_s=1&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=YCDACUABBAAAACAAI~&jid=1507064594&gjid=1079220495&cid=517482383.1679300377&tid=UA-198107375-1&_gid=549972745.1679300378&_r=1&gtm=457e33f0&did=dZTNiMT&gdid=dZTNiMT&z=214434761
IP 142.250.74.78:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j99&aip=1&a=2012381088&t=pageview&_s=1&dl=https%3A%2F%2Fg2gesso.com.br%2Fcc%2Fauth.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20G2%20Gesso&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=YCDACUABBAAAACAAI~&jid=1507064594&gjid=1079220495&cid=517482383.1679300377&tid=UA-198107375-1&_gid=549972745.1679300378&_r=1&gtm=457e33f0&did=dZTNiMT&gdid=dZTNiMT&z=214434761 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://g2gesso.com.br
Connection: keep-alive
Referer: https://g2gesso.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://g2gesso.com.br
date: Mon, 20 Mar 2023 08:19:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
g2gesso.com.br/favicon.ico
162.214.69.46 200 OK 23 kB URL HTTP/1.1 g2gesso.com.br/favicon.ico
IP 162.214.69.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
Hash 1ae9bbcddbbbee52f18c4465822b1627
7171df04afd05dde861ebb6b04f36aa20680e505
8a07543b9c241cc247c4b3caf3c29ba323e12a44103672e88890a8a7152eeb43
GET /favicon.ico HTTP/1.1
Host: g2gesso.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2gesso.com.br/cc/auth.php
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; _ga_9P6QK3CBCC=GS1.1.1679300377.1.0.1679300377.0.0.0; _ga=GA1.1.517482383.1679300377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 08:19:38 GMT
Server: Apache
Last-Modified: Thu, 16 Jan 2020 11:51:08 GMT
Accept-Ranges: bytes
Content-Length: 23090
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/x-icon