r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6993
Expires: Thu, 10 Nov 2022 23:06:16 GMT
Date: Thu, 10 Nov 2022 21:09:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3280
Cache-Control: max-age=137764
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:43 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 11:25:47 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2214
Expires: Thu, 10 Nov 2022 21:46:37 GMT
Date: Thu, 10 Nov 2022 21:09:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2J5C36uwh4QsYFX96M0gCRRox8NPtoQQtUgF4vHsceE5w6o8Ehk7IVknajq7rXVnmbFbsNZVKMQ=
x-amz-request-id: XBMN24TGMN8W0G6K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 20:49:32 GMT
age: 1211
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 10 Nov 2022 20:43:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1554
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 21:09:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
htech.eti.br/uet/musraetietobqrpua
108.167.132.218 301 Moved Permanently 0 B URL HTTP/1.1 htech.eti.br/uet/musraetietobqrpua
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
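Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length content: the body is 0 B, so this and the two digests below identify no payload)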
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uet/musraetietobqrpua HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 10 Nov 2022 21:09:43 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://htech.eti.br/uet/musraetietobqrpua
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 10 Nov 2022 20:24:57 GMT
cache-control: public,max-age=3600
age: 2686
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4303
Cache-Control: max-age=133733
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:43 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 10:18:36 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2cabdf8832c2056ed7f0f8e59b7441a
2ba8dc13a527fddcd45b518065f5f0b7413d10bb
c4752782d0ac2c9290aaf9ec3867c9e30edf6e84f730945aea101bd415b37543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4752782D0AC2C9290AAF9EC3867C9E30EDF6E84F730945AEA101BD415B37543"
Last-Modified: Tue, 08 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Fri, 11 Nov 2022 03:09:08 GMT
Date: Thu, 10 Nov 2022 21:09:43 GMT
Connection: keep-alive
push.services.mozilla.com/
54.70.239.215 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
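Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length content: the body is 0 B, so this and the two digests below identify no payload)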
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fqVZAYhc4QZcQ2NzABHbmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W5IDtig1EljTWhRNG0Kr85Obw34=
htech.eti.br/uet/musraetietobqrpua
108.167.132.218 404 Not Found 17 kB URL HTTP/2 htech.eti.br/uet/musraetietobqrpua
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash da9b3a31c4704ac1a7d90e2a46197122
5c2093c50a35237cba4339ff73f932aabd5699df
9f20b2a85a0c0548d8f8162c542816ef678ec51eeae3aaee2febf74aa72428b3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uet/musraetietobqrpua HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://htech.eti.br/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 16852
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 21:09:43 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash abc1b6dead712b3905b9b0c0c8b63b56
e63b4c3f61604e313af85d9577866b98f75faa2a
fe7ff7563830e4fd0ab0af0eb929ca26e7a59d6ac147115d127a9585867d139a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-scroll-animation.css?ver=2.0.2
108.167.132.218 200 OK 125 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-scroll-animation.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e7859c23efdab0a3d1a520382717206c
cef3ca5b994eca4f863bd6e8a96f1a45643b5491
ecca2dbe8ba0cd0536158b38528020c02ad180ed6f5e684b88706a369b0df45b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-scroll-animation.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 125
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/sina-morphing.min.css?ver=2.0.2
108.167.132.218 200 OK 250 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/sina-morphing.min.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (587), with no line terminators
Hash f73b4aff6d24cc986af333cfea803f30
c286b355867586e3ae355d805be49d340c7bcf3f
5116b92eabdef2dd9f3b8d619fd34d14db01412611f0ef319fb2886d5319900e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/sina-morphing.min.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 250
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-animation.css?ver=2.0.2
108.167.132.218 200 OK 532 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-animation.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2a688029e66d18aa8b891147af419aff
0fbb34a31c3abdd68940a846956d548bc0ff9312
b17fa6fb8da61d5d9da3df57e48050c3dbab147520fac4ce9fbe4a7f274f13f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-animation.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 532
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/decolines.css?ver=2.0.2
108.167.132.218 200 OK 141 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/decolines.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 635f13fb91ba3d1e541f93894f7eb849
97d9462034182ce7291ff3065c24e8bf349e8482
5ee4a92f155bd922f690278fb04c8c2c2923550976fb0ff278f16e03ec8e28b1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/decolines.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 141
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/lettereffect.css?ver=2.0.2
108.167.132.218 200 OK 140 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/lettereffect.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4121ee29269155dbfd7be85fbec4fdc7
8178bbfbb9f3b50310b69d51d15920ea33ced8b0
893f9abed7d84d44809b3be0b6fd47422a05c1b78cfc42e3923f467ae036dd04
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/lettereffect.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 140
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/normalize.css?ver=2.0.2
108.167.132.218 200 OK 816 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/normalize.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1734), with no line terminators
Hash 49d655dab2d498630322d20777f3a59b
43a49a5d20e17b483f667b32f5c0a660aadeb901
6ecc527db9d77a8f910da885ba4dc6587ab7ffc7093dc9e4d2815a40c858a207
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/normalize.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 816
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/revealer.css?ver=2.0.2
108.167.132.218 200 OK 139 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/revealer.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 15f8aadf38c8e848874bb0bb525b1afb
113852ca1dde5aa8fb503890deaa22dba1682fdf
99a1c21a067d590d05e3074da1b4e66780c96aede3557607b801e6c67cdb6e93
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/revealer.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 139
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/pater.css?ver=2.0.2
108.167.132.218 200 OK 726 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/pater.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 84248a6018cbbdef64b613a7bed9ac8f
68fc7e3169858edac331f53c3ca0bfa2e3c67c29
0e4af4b8f2fe169431e126aa66f39fc1e1d65d95c40d85151adf534ea28ed026
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/pater.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 726
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/animate.css?ver=2.0.2
108.167.132.218 200 OK 10 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/animate.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0c7f9f9bc6d3c3d622120c9572d4f2f9
bda4c05ac34a5eb702a6b8d818a3faa4e79bb286
3beaea9cd904d8a2453d74552ab2ea9aec561c154c9b615538fb2de051baf1a1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/animate.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 10370
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-curtain-animation.css?ver=2.0.2
108.167.132.218 200 OK 546 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-curtain-animation.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d388b47d78bb8f5b3e211de2bc8dda67
88a19a212fff4ae7d504341e881e5a3722604ed0
8237a3396e1798b000b4cf59c6ea3397d52fd35267da7830cb65e961d5e06931
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-curtain-animation.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 546
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-248592069-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-248592069-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 87cb8a20d3cfe6a324226d77b8c53dbc
e064c320e5e6c45b9615b0c3f2a14501bfec8218
ab39acbc193d63aa26a7ea44853e4bdf0fc50ad2e8d4e33959805bb6ac2aef3a
GET /gtag/js?id=UA-248592069-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 10 Nov 2022 21:09:44 GMT
expires: Thu, 10 Nov 2022 21:09:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash abc1b6dead712b3905b9b0c0c8b63b56
e63b4c3f61604e313af85d9577866b98f75faa2a
fe7ff7563830e4fd0ab0af0eb929ca26e7a59d6ac147115d127a9585867d139a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/slick.css?ver=2.0.2
108.167.132.218 200 OK 564 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/slick.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 52dc6a8e85abdf73203fdae4e4b6f9fd
d19e874bdab0b560891082c591b33b7a481149f7
a6ed9df694f9885f6959a20b8aa2090235427dd579b89eed311fbad2d70cfce7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/slick.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 564
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/htflexboxgrid.css?ver=2.0.2
108.167.132.218 200 OK 3.1 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/htflexboxgrid.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 6b9e50335297c4b3a83fd1fecef2f019
b3ac9c978a2532456d788df23aebc4771cb2cbd1
22f2d0c1d1de5a4d9c05ff1e4f823d34ec5509018d57e6b0d4609723e15ec6fb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/htflexboxgrid.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 3060
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
108.167.132.218 200 OK 4.0 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19233)
Hash 2701214b028ad24fa347df8335b36d12
156bc8a7ad2657f00881890637f07c6052636499
9a6e62615ceeec7a9763e4f9614e4715d04fd87873b23db2b3ead06c996cad27
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 4008
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.0
108.167.132.218 200 OK 1.9 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11875)
Hash 20e710220b5a655381a68030fc620a97
2bf7cbe6b77c2d2df4eaf3639df929d5643997de
595c43809e55e9fb938799ae6ef6225e57bb00e09e6b3f7d6a17c6187f0e1320
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 1912
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
108.167.132.218 200 OK 7.1 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 7112
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
108.167.132.218 200 OK 308 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 308
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-de-carousel.css?ver=2.0.2
108.167.132.218 200 OK 329 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-de-carousel.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a379f767b1c8af4aa30114cae5624563
2c0fbfcd83592e67c17275450bc7ba40ab12dc75
ae2451b071c39dccde5282f7588ec626cb4baa0d6fc0638ec140e49a49b99cc6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-de-carousel.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 329
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/de-sticky-frontend.css?ver=2.0.2
108.167.132.218 200 OK 194 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/de-sticky-frontend.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b30d692a29ff764a71a96b32a6c8bf6e
d3480b4addccfcfddf5a76afbc5b0261ca989c5e
da4ca87c8bfce18be511cf85c83f3c23f50b6a49f66effec976863c435ac68d8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/de-sticky-frontend.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 194
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
108.167.132.218 200 OK 13 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 12577
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.7.4
108.167.132.218 200 OK 40 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.7.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 94d041d462db321cdb888066586f2068
717d2f9da7fb9f9e2bf2058a8177a0344f8a8647
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.7.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 08 Nov 2022 11:54:11 GMT
accept-ranges: bytes
content-length: 40
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/simple-line-icons.css?ver=2.0.2
108.167.132.218 200 OK 1.9 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/simple-line-icons.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (360)
Hash 23d60405706816003733d8c49a532da2
7663c005695c7a56defa72af6270238d8046f982
0489b020bf785991dd5f0334fe980b1f1010e29392a6ad36ee8de10a1480b7fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/simple-line-icons.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 1948
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/elementor/css/post-41.css?ver=1667706271
108.167.132.218 200 OK 3.0 kB URL HTTP/2 htech.eti.br/wp-content/uploads/elementor/css/post-41.css?ver=1667706271
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16386), with no line terminators
Hash 78e76b09260cc60d0aa1e0c3f0674715
82e155ba7537503e8f9e4eb4350657590628e1f0
e0b12cf4f9e404634aa1394a6c42a2b13c48081a1dce7ab960cd6031b6e8c118
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-41.css?ver=1667706271 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 03:44:31 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2986
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/elementor/css/post-52.css?ver=1667706300
108.167.132.218 200 OK 3.4 kB URL HTTP/2 htech.eti.br/wp-content/uploads/elementor/css/post-52.css?ver=1667706300
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24784), with no line terminators
Hash eddc923fe4285e152387e2fa9644b3f4
f9bcf89095024b1a104f2f00f1a231ada527ebe2
1d9c3371e77f712a1dc913677cdb0dbbc3650eb3018a6d8c42d31112cfaebb9b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-52.css?ver=1667706300 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 03:45:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 3434
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-migrate-1.4.1-wp.js?ver=6.1
108.167.132.218 200 OK 9.3 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-migrate-1.4.1-wp.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash efcd20e20b6f0870628a30513b22cf14
3974a9212ca714e1147b97abd4d03167f0012f7e
0586ae89290e8b96402ca804152e58884f9a8c7ef79f4a8f5409dfb17ffeb2f5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-migrate-1.4.1-wp.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 9262
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
108.167.132.218 200 OK 2.3 kB URL HTTP/2 htech.eti.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6051), with no line terminators
Hash c0a774e614f840a7f380a9aa68f16ac3
d42d9e9c586feba86b3accaf869ca2a365469b54
294b8486de91d8403977d27d636c158fe64ed0c93ce11902ed2f2b10f31d113f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:45:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2332
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/de-product-display.css?ver=2.0.2
108.167.132.218 200 OK 1.7 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/de-product-display.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 46a3d5487730e47bad273f912b4d989a
9d00fbde002ec00008cda412e1e74f55614df6bb
457bae004dd75176117264de25db5eeece401d84828070ed37e54cb4b78e5a8f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/de-product-display.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 1686
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.7.4
108.167.132.218 200 OK 4.4 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.7.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30283), with no line terminators
Hash c2c381b76f533a3992b1060b1e8275ed
8441603d412df07e265d70d72569bd3ed90c51ee
6b1c02e5f7f5a04d0320c0a69a67651c6c322b81dfcf1ad9ca29e0f7374cf613
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.7.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 08 Nov 2022 11:54:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 4436
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.0
108.167.132.218 200 OK 3.0 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2997
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1
108.167.132.218 200 OK 5.3 kB URL HTTP/2 htech.eti.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 14:26:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 5321
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
108.167.132.218 200 OK 308 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (491)
Hash 851fd514d412b7e854365f20a4227c8a
08bf47072f70af1816450cc85a5efb3b8f9114d2
a9449e3cc7c003e5ed6b93bae7b0bba3e4f1713c52214f41d3591692a759b9d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 308
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/elementor/css/post-426.css?ver=1667701667
108.167.132.218 200 OK 355 B URL HTTP/2 htech.eti.br/wp-content/uploads/elementor/css/post-426.css?ver=1667701667
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1635), with no line terminators
Hash d6f34f00bc4597632d78684db2b6ae43
f0a6b54401af15f85632cd64c21da0d3ec5ef2c0
0c6fc52ef0320d9e716c8610cc5b1a9de704245ea175e5a38b49ffe80c9a8366
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-426.css?ver=1667701667 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 02:27:47 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 355
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-icon-box.js?ver=2.0.2
108.167.132.218 200 OK 784 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-icon-box.js?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7adadfc3f8ba6cd01aebf10723bd6bc4
b3a17bd0bfdb4aa0b37e68642c4694a330b93faa
14224050d73877aae5ce6955601998795ab9429859ea6cb7d9b635dfbba8b978
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-icon-box.js?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 784
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs_ajax_pagination.js?ver=2.0.2
108.167.132.218 200 OK 1.3 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs_ajax_pagination.js?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash aae66d95e5b1bb3d2e737899a452695d
137d370f2d03b14d7a4af0871744402e6f5bdfa8
26aa29386abf6cbe66c198b3454b70be393579480f6c58831fde458dd23964ba
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs_ajax_pagination.js?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 1322
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0
108.167.132.218 200 OK 2.5 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5191)
Hash 4f64e047f77f983d784ace34d0416784
dae5c0842ed9fe97a1063ebf6235a825c49cd8c4
21f982a0590251e893874a385b36718a32c372e266ff8ce0e3df957a5bebcb07
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2475
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
108.167.132.218 200 OK 309 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 309
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
108.167.132.218 200 OK 1.7 kB URL HTTP/2 htech.eti.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 20:34:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 1712
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-column.js?ver=2.0.2
108.167.132.218 200 OK 860 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-column.js?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2c7982dfa5a75efcaedf4443a5a0d092
ff75f2adfab788ee1dd3fcb16d487e2371692a41
eb40825e1f43d2d61902053b35ea02aa4c22863d66dbf9a77480981f78ab2102
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-column.js?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 860
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/css/classic-themes.min.css?ver=1
108.167.132.218 200 OK 189 B URL HTTP/2 htech.eti.br/wp-includes/css/classic-themes.min.css?ver=1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 12:02:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 189
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/elementor/css/post-9.css?ver=1667675408
108.167.132.218 200 OK 2.3 kB URL HTTP/2 htech.eti.br/wp-content/uploads/elementor/css/post-9.css?ver=1667675408
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15116), with no line terminators
Hash 8c753f951fd0460ff2a363109bd66777
bae21b89c06ba398f72d4ee9117e4f81656ec678
823f5da5fe315f8882fbe094b181f124cff1d8efb52f1142c010001a380e1075
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-9.css?ver=1667675408 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sat, 05 Nov 2022 19:10:08 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2318
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
108.167.132.218 200 OK 1.7 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11736)
Hash ba3b4eacf997395a13d014ade75cea18
e4592d4b40c6aea656fbfc59231920091d1735d5
1203dad3ba83f22855841b1998c01b4f3e776c47efac86721eeabbd84156ee5e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 1651
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
108.167.132.218 200 OK 3.7 kB URL HTTP/2 htech.eti.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15672), with no line terminators
Hash 607799bfa5d48117a95cd9dda8a17c2b
9a969f06c70600b753b160db19a5d37c9d249d10
78f67e192604e0dca624c2dcc8ea7cd6c54e14fe15918e7c9586ec1a22775876
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:45:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 3725
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs.js?ver=2.0.2
108.167.132.218 200 OK 167 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs.js?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 6c7b1ace99498765899d4a6491f42a27
e31dd9aa7bd3a5dd224169b3bcc62d1b163b290d
bd3db097b4ee6e29ba8e9cd32c6ada53dba0c30977e4f8754ddc3a62a310def8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs.js?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 167
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/charming.min.js?ver=6.1
108.167.132.218 200 OK 354 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/charming.min.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (527), with no line terminators
Hash fd32d53bd29fcba5e18ac177fcea9c34
9f2aaa4d3962b5e5ce1c04b8f0b1330846c8630e
b1c85864baa588948e024228a19c6af9b400f58a06707c2730f068c70b625116
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/charming.min.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 354
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/de_loop/ecs-style.css?ver=2.0.2
108.167.132.218 200 OK 2.2 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/de_loop/ecs-style.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2820fca5eaf536d4ed2da2f27e34e9d9
3854788561b65228c883d5eb503be480795e93a2
5902cdba5d9327a1413321154673e246ae19f535cf4d720d627addfcac13e568
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/de_loop/ecs-style.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2196
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/de-staggering.css?ver=2.0.2
108.167.132.218 200 OK 2.2 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/de-staggering.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c214fed4f29ffb7d78949b01b671f44d
6cbefde62ca9e967f7e19538c273023bb308c540
4448831d4afb6c556b608020e61cbe3eb91fed99a7dc5374fe99220abf206668
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/de-staggering.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2221
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
108.167.132.218 200 OK 1.0 kB URL HTTP/2 htech.eti.br/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3164), with no line terminators
Hash b61faf78df8ff0e5446c7fe2b070b144
d98140a3225bbade0a77d7d6001e65148a7ec6b8
3bb0086b96f0d58dc01f13c3d0055c3fe41a4e79e2d1461641ada355763c77c2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:45:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 1048
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.7.4
108.167.132.218 200 OK 442 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.7.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (810), with no line terminators
Hash b96c7d958b2c4a3ff7e92608615daeb0
6e95b60a83d06479921cefd745c4dd058842604e
5176a7109dc14142199bbc99ce78c5c6536812d06562b1d300b283bd26849d2f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.7.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 08 Nov 2022 11:54:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 442
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0
108.167.132.218 200 OK 962 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2233)
Hash 55c4564da37f54d4dbf64349ae00ad9b
2e0509df96556ac654074bde62cc2a7c92deff71
d67c3b45b717ac807bc69d8fe69443da7fbd5003d34608bc34da6985f53dcc7b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 962
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.7.4
108.167.132.218 200 OK 13 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.7.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2586b72a57d56fcc09dfabcd84488de5
58d34cec79898ec005ba78f3b9cc600d1cd4ec96
21a7ae5c7541cd7322cdd1d73bcf1c5d1b47b830dd864079e6d8337a47d32839
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.7.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 08 Nov 2022 11:54:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 12707
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/imagesloaded.pkgd.min.js?ver=6.1
108.167.132.218 200 OK 2.0 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/imagesloaded.pkgd.min.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5324)
Hash 422e1b8247953b0b4ec02fef17fd3866
da46bd225bd2c67b4ce27b4d0360dcf421013d3c
178a9f3dda0741a05ab84f556b142af7e3f958ff6669e6770548f90dbc78959e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/imagesloaded.pkgd.min.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2006
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/main.js?ver=6.1
108.167.132.218 200 OK 2.5 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/main.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 26013a7523cb48e6ff7b1f43fb58125c
f290db7929ac53f3d869c765c2302bdece038b0e
3417340368603b6f91f6f7847d96df572046cc674872419d2f737af8c26190b2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/main.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2544
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
108.167.132.218 200 OK 2.3 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash cec23e5a0777df58b888ad2aaa3fe428
3904542fe17b29426f4f964d63e1d45d4bc2f3b7
7ac1b9ea37ea3bcf867bbabd8de828b2e6d7a8e3cb2acaa16b2ae9cbd79b740a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2312
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1.1.0
108.167.132.218 200 OK 1.4 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1.1.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b648d0622846d7caaf45674093ec9a3f
fde5c9710dda983a19f210e771ef87e518a28ced
7021932dc92c08c613b9f82b52cf2c24f9942a6688f4546c634e9f4c268fee2c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1.1.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 1432
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/scrollMonitor.js?ver=6.1
108.167.132.218 200 OK 3.0 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/scrollMonitor.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8765)
Hash 60b79521c45aace2af50b14ba173e696
a19890f1d024a209fa003e0adba63fffb95551a7
e576c8caf18da6f3fa2032cf986eb4da07e02597bf4dc6f755cdc28cf6726c34
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/scrollMonitor.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2978
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de-sticky-frontend.js?ver=2.0.2
108.167.132.218 200 OK 2.6 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/de-sticky-frontend.js?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 136f95ba6c8c2cafbd7b40dd5111d4cf
cdf50eaf23ab4609ccd7924b06d67d1f63005d92
72f4f94eeca1be0476e2ec4494e56cf7c152a1bd3d067cd98bae07269a265658
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de-sticky-frontend.js?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2625
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/lineMaker.js?ver=6.1
108.167.132.218 200 OK 2.9 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/lineMaker.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7401651c6cbb3a0300adc22f22a90ec8
682bffda54a3eb93d2bc591636535c44f466bad2
de3341f7d5e4558a95c517328ce4dd7c53c1a1f7d01cdd940ca40012cc47e522
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/lineMaker.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2943
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_scroll_animation.preview.js?ver=6.1
108.167.132.218 200 OK 3.7 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_scroll_animation.preview.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 52e1314aed8b547c97918563184adb31
7940fc25dad7b6e51a9b9418b423dd5f07596a1c
0749688944e57ad6a4455f5c510ea3d906fe1ebcaa7e55ba3b622e6ed4dfcc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_scroll_animation.preview.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 3720
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
108.167.132.218 200 OK 3.7 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 3747
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
108.167.132.218 200 OK 2.7 kB URL HTTP/2 htech.eti.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 20:34:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2675
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
108.167.132.218 200 OK 4.2 kB URL HTTP/2 htech.eti.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b62593186f7f91a9470ab6968ec5feb
bd7728c79c04f4f2f7a787097b0868e06ceba5ad
2a9920dc63cbd8228103c7d6bf2a044f06963041253c385c3cebb147297aa782
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 12:02:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 4233
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1
108.167.132.218 200 OK 4.3 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11677)
Hash 8a97f5f1635625b5a994cb8f897608be
310a565eb60cb9598201c3802b4711f82c97602d
dfa6f28fdcc6abab9e73f29dd3c263da5c1cf10d31a3c90bd6d4b7b6267afe7a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 4257
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_staggering/de_staggering.js?ver=6.1
108.167.132.218 200 OK 5.2 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_staggering/de_staggering.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 57497b3d27c42ede96ec0651ed510812
5f9b73a0e91a2e75f2737ad332e7322dc8a7b247
4560c5ccfac6ca9a1c91e098ccb2ef510b10d2f73a5657a7b7966ad3b6221a62
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_staggering/de_staggering.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 5178
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.7.4
108.167.132.218 200 OK 6.0 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.7.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17948), with no line terminators
Hash aad24bfb1effbb2666b3ae0b63250010
a0bccf4c48990fba25fb33a5226f33cd3240e6cd
0a4d91682a1f0fcb8e807f558cd7cf720bd43b0af087d1b4dd25328a8f3a7c7b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.7.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 08 Nov 2022 11:54:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 6018
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0
108.167.132.218 200 OK 7.7 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21624)
Hash 172667bec56888e050739962545c72d7
fe4723f65e0208d489033acd2b8877d4ad84269c
aeea25e6154739c10be0b414a3f6168aaabf3c2e8c54b8e7a926ad38f16398f7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 7668
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.0
108.167.132.218 200 OK 7.1 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24753)
Hash 603f2cfac5d816d609c0d44d3e9251f3
1b82e940ae38eb4936e9fea3a3d2b99b77167696
b8d86cbc15abc6af57ebb34ba3c6f2d4364e7421175e6a8cf68b51dd918613a4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 7104
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
108.167.132.218 200 OK 7.6 kB URL HTTP/2 htech.eti.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 12:02:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 7621
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/anime.min.js?ver=6.1
108.167.132.218 200 OK 8.0 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/anime.min.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17638)
Hash 2bcefaf076f70dc1486762c74348b324
0fb53b24d6d6d1de589f741ca59c4626954c0066
d330ac294bbb9426f2d3a314cb5c89a2d768ebc90f8946779feb13290baf737d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/anime.min.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 8015
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/intersectionobserver.js?ver=6.1
108.167.132.218 200 OK 8.3 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/intersectionobserver.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d1dd4b69081b259cc3671d1b3d8c1316
badee6a104fa8bc1ed89a49a74233b25957b1179
c3ab0d92866224c65fbff9988f2c89e72d1900129e9a69c661cac918e250149b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/intersectionobserver.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 8325
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
108.167.132.218 200 OK 8.3 kB URL HTTP/2 htech.eti.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 12:02:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 8344
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_reveal_animation.preview.js?ver=6.1
108.167.132.218 200 OK 10 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_reveal_animation.preview.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (409)
Hash 4267c0d4b2a60517b6825cf1bc5685a3
b992d4db5938bdab9e999256cb5a62356c4c0678
caea687940af86c4e0bf56392613f2f2b1e08486f62eab025423d3703fc13c77
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_reveal_animation.preview.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 10215
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
108.167.132.218 200 OK 13 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 37e06ea4e37d465ce76adb3954eaf201
d1d2f06cdfad134d4638de2ab2bfc54e47d02552
f839cbc0157e8e2efe0bb74b33bfa248b4ebb59d3d968d08124c8263a44dcfa6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 13291
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
108.167.132.218 200 OK 16 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40474)
Hash 85b4389c079ac11b75c6c592b3ce1dc6
c355e852f0c801191f2138cdeea752d40ec3a078
5dbb8236a5133a22c314a0090ccfcbaa009aeba7d5141cccc67c078c10ad079c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 16151
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4198
Expires: Thu, 10 Nov 2022 22:19:43 GMT
Date: Thu, 10 Nov 2022 21:09:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4198
Expires: Thu, 10 Nov 2022 22:19:43 GMT
Date: Thu, 10 Nov 2022 21:09:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4198
Expires: Thu, 10 Nov 2022 22:19:43 GMT
Date: Thu, 10 Nov 2022 21:09:45 GMT
Connection: keep-alive
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/textfx.js?ver=6.1
108.167.132.218 200 OK 503 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/textfx.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
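Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
(Note: these three hashes and the 503 B size shown for this entry are identical to those of the r3.o.lencr.org OCSP responses listed around it, while the response headers below report content-length: 2909. The values appear to be mis-attributed by the report and should not be used as file indicators for textfx.js.)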
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/textfx.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-length: 2909
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4198
Expires: Thu, 10 Nov 2022 22:19:43 GMT
Date: Thu, 10 Nov 2022 21:09:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3916060e-035b-48ef-a0bc-a1a576044b3f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3916060e-035b-48ef-a0bc-a1a576044b3f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e9c81b1a820a09138444dd6a55e6bcf6
d54538f8ecf22b03d58589a1bb76a4b292c3072f
2a3f0de4886061792d159e72f7608b27a9e1071486cbbfc3b0900fc2cd229a44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3916060e-035b-48ef-a0bc-a1a576044b3f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9643
x-amzn-requestid: 5560064e-4aed-4525-bd16-f68ffe596d61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTSsUGTmIAMFhjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acb1b-2d0b220d212d6be87298d157;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:33:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kBBJsbKwKYE8ta3n6aBo7Jlcd98blCbA_WzOC8Z2zocYNhLT8HfQgA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:36 GMT
age: 84189
etag: "d54538f8ecf22b03d58589a1bb76a4b292c3072f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
age: 82425
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:01 GMT
age: 83984
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc04eddc597d6b10db5d59c53f20aec
dddc0da13526d24aaea990cc1d68d9212612da43
a7e2d1fd141c4383de3411be95b8875c9d969d5f001020793a2b4d939aaa780b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12268
x-amzn-requestid: cd9ea4f7-9a75-47b4-a0ad-817c821a592e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpZHbBIAMFfUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca2-69a98f453929cc817bead2c7;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xq1vIovXXR0pPaaHjKWeLcZszoEkISrYvqKvshtQ9dFTf6CUwxmIWA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "dddc0da13526d24aaea990cc1d68d9212612da43"
content-type: image/jpeg
age: 82425
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6xhB_vy5Aj6ScBQuTwWX93HFG5eS3SZHr7dP2Qsz-Q1P1pcXk339gQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 84395
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a929256680885031f55121c35d626bcc
9caf2466f70995d5763b970f916c4944b364a4ff
9366db1c171fe9dae5946198415c9a02005a432fccd359896f94bce874c91027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9283
x-amzn-requestid: c800cccd-80cc-4cd6-8856-66cfd07141c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmC2HnpIAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d45-686eac2b6c65b8dd41dfb44a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2SqQjq27y6Vrwzl9a_ho6sOPImE7Fpbyxie8_fuPGa6bf8fn-yX0Jw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:13:45 GMT
age: 82560
etag: "9caf2466f70995d5763b970f916c4944b364a4ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3630091fd881cd703af1ca0441bedec0
9e733f80ddcb18b3fe1c2d987206403263d33693
d42a89a49578f41f73e8b8863f3bc1705cf7f47f88f6d2d11b9ae9501397b635
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143824
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:45 GMT
Etag: "636cf769-117"
Expires: Sat, 12 Nov 2022 13:06:49 GMT
Last-Modified: Thu, 10 Nov 2022 13:06:49 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/chivo/v17/va9I4kzIxd1KFrBoQeM.woff2
216.58.207.195 200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/chivo/v17/va9I4kzIxd1KFrBoQeM.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18580, version 1.0\012- data
Hash eed74810e727bc5248e52400a8f2f023
c0d44067fbe24774fe5275c2445aacb07391b340
f1860562ca6900b6f4e6382ecc28d58e587e53bdd1728411a262e37128e46df3
GET /s/chivo/v17/va9I4kzIxd1KFrBoQeM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://htech.eti.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 05:49:25 GMT
expires: Fri, 10 Nov 2023 05:49:25 GMT
cache-control: public, max-age=31536000
age: 55220
last-modified: Thu, 21 Apr 2022 16:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/chivo/v17/va9F4kzIxd1KFrjTZPZ4sK0.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/chivo/v17/va9F4kzIxd1KFrjTZPZ4sK0.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16420, version 1.0\012- data
Hash 1ba0be95c6146b12896b4b28bdec7a2b
4bbd0fcdbcd42fdacafba9059f7f8ca09bffef07
757890353064d66b81ba671ab1a358aad4b5afe0d5359c183408b441d345306c
GET /s/chivo/v17/va9F4kzIxd1KFrjTZPZ4sK0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://htech.eti.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16420
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 06:41:11 GMT
expires: Fri, 10 Nov 2023 06:41:11 GMT
cache-control: public, max-age=31536000
age: 52114
last-modified: Thu, 21 Apr 2022 16:26:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.7.4
108.167.132.218 200 OK 55 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.7.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b8dd3c2f46029b6044c1db5610fbe704
692e10370f0602ad124589dee32174952e3a916f
a78b1041aad90b2a722882665fdb9005fe37c3264bc4cb6cf2e66faea82a0240
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.7.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 08 Nov 2022 11:54:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
216.58.207.195 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21096, version 1.0\012- data
Hash edd1beac8f00071cab3e2db58647ff94
8e8128a2cecf6524557cce4a32eb751f5dbe261d
a3298dd9c080ba992e6b3afd31430a7ec37869a5ecda45b854672ec069af4aab
GET /s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://htech.eti.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 00:54:45 GMT
expires: Thu, 09 Nov 2023 00:54:45 GMT
cache-control: public, max-age=31536000
age: 159300
last-modified: Tue, 23 Aug 2022 18:43:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
htech.eti.br/wp-content/uploads/2022/10/45.jpg
108.167.132.218 200 OK 153 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/45.jpg
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 153 kB (153079 bytes)
Hash 3b44554d87bb801809c55076d2275ce6
b51ae3a9a6fbb84f39c1566c2e600ae33c41661e
cfe600a2abe3b8b93d5118dc8086d3bfc499b1f977bc0a1c69e622d89ddf6444
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/45.jpg HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/uploads/elementor/css/post-41.css?ver=1667706271
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:35:20 GMT
accept-ranges: bytes
content-length: 153079
cache-control: max-age=10368000, public
expires: Fri, 10 Mar 2023 21:09:45 GMT
content-type: image/jpeg
date: Thu, 10 Nov 2022 21:09:45 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.7.4
108.167.132.218 200 OK 124 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.7.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 124 kB (123934 bytes)
Hash 09cbc79e0f80cd88bd69783e3cd3deda
f37127ace55246de13443d6b130e7284a1d6037e
6707b4543ac9b41f571c9704cf81c89d290792867ec5c45adb47c9cc27045912
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.7.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
108.167.132.218 200 OK 78 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
content-length: 78196
cache-control: max-age=10368000
expires: Fri, 10 Mar 2023 21:09:45 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Thu, 10 Nov 2022 21:09:45 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
108.167.132.218 200 OK 13 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
content-length: 13276
cache-control: max-age=10368000
expires: Fri, 10 Mar 2023 21:09:45 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Thu, 10 Nov 2022 21:09:45 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3630091fd881cd703af1ca0441bedec0
9e733f80ddcb18b3fe1c2d987206403263d33693
d42a89a49578f41f73e8b8863f3bc1705cf7f47f88f6d2d11b9ae9501397b635
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=143824
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:45 GMT
Etag: "636cf769-117"
Expires: Sat, 12 Nov 2022 13:06:49 GMT
Last-Modified: Thu, 10 Nov 2022 13:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
htech.eti.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
108.167.132.218 200 OK 454 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 454356, version 1.0\012- data
Size 454 kB (454356 bytes)
Hash b9c06e9a6857fa27f58f460eb07d634b
b248d700ee5a882068c4e63a1102b44d7afc95e4
11c608304b6bba53880c8d448c4d975d74c1db1801cfbca9fe72ff5f3a58f42f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.7.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 11:54:11 GMT
accept-ranges: bytes
content-length: 454356
cache-control: max-age=10368000
expires: Fri, 10 Mar 2023 21:09:45 GMT
vary: Accept-Encoding
content-type: font/woff
date: Thu, 10 Nov 2022 21:09:45 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/2022/10/black-logoAtivo-1.svg
108.167.132.218 200 OK 5.2 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/black-logoAtivo-1.svg
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (11585), with no line terminators
Hash 5974b8f01fc61621979af3e6cee1f582
927f6c0297f34465d851e08a061270d673d625df
34dee7c2103c5f4bac45125c3a43e119b0e2544109be6866976c238312c3557f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/black-logoAtivo-1.svg HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 03:44:19 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Fri, 10 Mar 2023 21:09:45 GMT
content-encoding: gzip
content-length: 5223
content-type: image/svg+xml
date: Thu, 10 Nov 2022 21:09:45 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/2022/10/white-logoAtivo-2.svg
108.167.132.218 200 OK 5.3 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/white-logoAtivo-2.svg
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (12121), with no line terminators
Hash 3cf4cbe2a5aa7be1f17c9e6c405bed95
559b81982b947994b269c314b8f618247af7a581
4da535ec44ca51e84f6291961e7f2ef3a1ccf728c1d89f877968471d9ebdaae7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/white-logoAtivo-2.svg HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 03:44:21 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Fri, 10 Mar 2023 21:09:45 GMT
content-encoding: gzip
content-length: 5315
content-type: image/svg+xml
date: Thu, 10 Nov 2022 21:09:45 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
108.167.132.218 200 OK 671 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1320)
Hash 06336a3301ee0a49c87c5b6dd622200e
58894e1a1614214394257edcb009e302cb9c60ca
62b0ea6bbd905f11d687a1fdf9d99dfef393ff5c89a56927fd809313a38d76cc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Cookie: _ga_EE3NPMCFLC=GS1.1.1668114581.1.0.1668114581.0.0.0; _ga=GA1.1.1026809738.1668114582
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:45 GMT
content-encoding: gzip
content-length: 671
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:45 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 10 Nov 2022 20:41:09 GMT
expires: Thu, 10 Nov 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 1716
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/2022/10/fav-150x150.png
108.167.132.218 200 OK 8.0 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/fav-150x150.png
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash a64169afac71a64c2f837062f360fb58
aa914c618f490d2b61e54cb94d566b9521e327bc
c10932143fa7269edc840f53323d6155c8d7d4ed3f56ca13d1e6f7bb0bfa8dbd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/fav-150x150.png HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Cookie: _ga_EE3NPMCFLC=GS1.1.1668114581.1.0.1668114581.0.0.0; _ga=GA1.1.1026809738.1668114582
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 15:58:30 GMT
accept-ranges: bytes
content-length: 8025
cache-control: max-age=10368000, public
expires: Fri, 10 Mar 2023 21:09:45 GMT
content-type: image/png
date: Thu, 10 Nov 2022 21:09:45 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/2022/10/fav-300x300.png
108.167.132.218 200 OK 19 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/fav-300x300.png
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 300, 8-bit gray+alpha, non-interlaced\012- data
Hash 653e3161142929727cd801004eb744e1
ce9c3be577f3a9afb7b355073e1c0198d615d527
e048684575fcbbce8e6548a6b92640724337e62ad37a3f64a4e814b42649acb8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/fav-300x300.png HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Cookie: _ga_EE3NPMCFLC=GS1.1.1668114581.1.0.1668114581.0.0.0; _ga=GA1.1.1026809738.1668114582
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 15:58:30 GMT
accept-ranges: bytes
content-length: 19346
cache-control: max-age=10368000, public
expires: Fri, 10 Mar 2023 21:09:45 GMT
content-type: image/png
date: Thu, 10 Nov 2022 21:09:45 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 923f502e81787beca8c9c473ba47afa8
23a3f6ca336ed0de0fa0505f21812abaf6b61f4b
8ce011b4c879f88c496ff33ba7bfceec06085b8bf430c70f0dbd7cf11fbb80e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-EE3NPMCFLC&gtm=2oeb90&_p=77124112&gdid=dZTNiMT&cid=1026809738.1668114582&ul=en-us&sr=1280x1024&_s=1&sid=1668114581&sct=1&seg=0&dl=https%3A%2F%2Fhtech.eti.br%2Fuet%2Fmusraetietobqrpua&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20HTech.ETI&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-EE3NPMCFLC&gtm=2oeb90&_p=77124112&gdid=dZTNiMT&cid=1026809738.1668114582&ul=en-us&sr=1280x1024&_s=1&sid=1668114581&sct=1&seg=0&dl=https%3A%2F%2Fhtech.eti.br%2Fuet%2Fmusraetietobqrpua&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20HTech.ETI&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EE3NPMCFLC&gtm=2oeb90&_p=77124112&gdid=dZTNiMT&cid=1026809738.1668114582&ul=en-us&sr=1280x1024&_s=1&sid=1668114581&sct=1&seg=0&dl=https%3A%2F%2Fhtech.eti.br%2Fuet%2Fmusraetietobqrpua&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20HTech.ETI&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://htech.eti.br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://htech.eti.br
date: Thu, 10 Nov 2022 21:09:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 21:09:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2917b487c605eb7f53d20ff3b4fbfef0
5dd8989fb1129638361c16ad2a1fde93a4c4aafd
aaf620d791f23829e15a454b3faf5b47a0f00ff37ada91d6de5c62c322fe90ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8875
x-amzn-requestid: 1374243f-4fd8-4405-8f8a-946a8f92c457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniEw2oAMFtfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-195c58a826eae13b58d21aa0;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NPKM_A-uSrNtoT6ScKmBXTdMNsunt3d6UAWSzhLPsSPewThG_a0N8Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 84402
etag: "5dd8989fb1129638361c16ad2a1fde93a4c4aafd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
demo.sociolib.com/evenue/wp-content/uploads/sites/12/2021/12/New-Project.png
104.21.0.250 404 Not Found 0 B URL HTTP/2 demo.sociolib.com/evenue/wp-content/uploads/sites/12/2021/12/New-Project.png
IP 104.21.0.250:0
GET /evenue/wp-content/uploads/sites/12/2021/12/New-Project.png HTTP/1.1
Host: demo.sociolib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 10 Nov 2022 21:09:45 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks7zmzFwftKb8tOLDymsp%2FHyOi8MP2e8gQRtR9LagrjzUbwYPJN6lV9btvcPXSPlh5tFlkzOOYTxVjBHis5T9x4nV8MuUMjPrZZohX2ehK0jUCtfW928PEC7CNb2nns2MLrQiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7681c55f181eb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Space+Grotesk%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Space+Grotesk%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1
IP 142.250.74.10:0
GET /css?family=Space+Grotesk%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 21:09:44 GMT
date: Thu, 10 Nov 2022 21:09:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-1.12.4-wp.js?ver=6.1
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-1.12.4-wp.js?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-1.12.4-wp.js?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.7.4
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.7.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.7.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 08 Nov 2022 11:54:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-widgets.css?ver=2.0.2
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-widgets.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-widgets.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/uet/musraetietobqrpua
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 12:02:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Fri, 10 Nov 2023 21:09:44 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Thu, 10 Nov 2022 21:09:44 GMT
server: Apache
X-Firefox-Spdy: h2