r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8232
Expires: Fri, 25 Nov 2022 05:04:35 GMT
Date: Fri, 25 Nov 2022 02:47:23 GMT
Connection: keep-alive
extremella.com.br/
108.167.188.46301 Moved Permanently 234 B IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d968e8f152d7ca75d93067e684ede9e6
32703ff2fcc115773b101e5d05fb6065f14e238d
58a4e0c104b6adf496265b1bdd186c721b063a8d128ea523812b431e4bdea918
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 02:47:23 GMT
Server: Apache
Location: https://extremella.com.br/
Content-Length: 234
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6101
Cache-Control: max-age=120329
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:23 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:12:52 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20170
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 02:47:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 02:19:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1701
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: E/RvuzRNotXf7J2BIQgAjFwJvnY7vx9DfQ+xq8ytdPwq8LljJUUPCWEmSsJsymkdITFwW0GONrk=
x-amz-request-id: AJB9DBNDT9T6VZDR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 02:43:40 GMT
age: 223
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 02:47:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f0998759e57a4deec36d8938c6fd62cd
c623b84afc3755a6a83ee2961007573b149ae660
7dc03232d89123277e7d5a3fdcef21a911a543230f9862ca1516c6d479f416fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DC03232D89123277E7D5A3FDCEF21A911A543230F9862CA1516C6D479F416FC"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Fri, 25 Nov 2022 08:46:39 GMT
Date: Fri, 25 Nov 2022 02:47:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 02:08:53 GMT
cache-control: public,max-age=3600
age: 2311
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5249
Cache-Control: max-age=114413
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:24 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:34:17 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.36.24.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y+L0AAePzh/E1sWkj36Vbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vZj1eP3OO37Qf2LK/jdXCNfZbJ8=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
extremella.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
108.167.188.46200 OK 3.0 kB URL HTTP/2 extremella.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10435), with no line terminators
Hash a6099ee677b6d930b6b878cf0cb08422
a2eb69454196d4250d624d25aaec587e97686642
755acd6dc98e63baff6d8b105b1bcaf63b79f935381fb3f32a79dace7faae0ac
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 04:11:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2985
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-includes/css/classic-themes.min.css?ver=1
108.167.188.46200 OK 189 B URL HTTP/2 extremella.com.br/wp-includes/css/classic-themes.min.css?ver=1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:10:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=6.3.1
108.167.188.46200 OK 558 B URL HTTP/2 extremella.com.br/wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=6.3.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1245), with no line terminators
Hash ff1e4256448211fe0145cca7bb9fe427
3cd74038f684cbb029e96a1831f64917b3b788e9
c9197f2958e0dd68ba00ae1ae18cde38f59ae324650c70f5de00cd86050b541c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=6.3.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 Oct 2022 18:47:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 558
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.31
108.167.188.46200 OK 5.7 kB URL HTTP/2 extremella.com.br/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.31
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (19378)
Hash 290fc4e1efb4eeb6fadf7c662fd6c73b
4faf165d7e69f62ce3d3d08d4dda1f629d2cced5
a64383ee47049f4a4f15d1da6ca2f593692b07dff0200b9025a794974bd3b928
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.31 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 04:08:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5720
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.31
108.167.188.46200 OK 6.6 kB URL HTTP/2 extremella.com.br/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.31
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (27779)
Hash 0da3b8b642d2f8640b1e56f3a427b25b
117e05c19d345961b103f90a6a3cf4b39f08fa85
c99519fd2fcc283c456c1e583ecc40d8248578c2917414634f7867f7770fb8dc
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.31 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 04:08:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6636
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.31
108.167.188.46200 OK 8.2 kB URL HTTP/2 extremella.com.br/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.31
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32716)
Hash 816408f2914aabe7e0def87ef8533ae7
7196065023033c4e790b63521beef0594f90f4cd
7c4e124e0f316dbb0f025a249af8d80db2eb31344a88eaf60b86125fce67cb62
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.31 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 04:08:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8223
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-203721448-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-203721448-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 0f082606c080fc9b0eb9f39501cdf17a
466f195b1bb1e1297b751b566dcc851721e4293a
abc4f54c50c7cb21a7c5fc6505bbab333720aa4717e096a7a7d232b364b20c42
GET /gtag/js?id=UA-203721448-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 02:47:25 GMT
expires: Fri, 25 Nov 2022 02:47:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-NDJE9LG3YK
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NDJE9LG3YK
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 7e8ce75aa7d40e525d29307dadd7a261
edc1c59eb4ba385a3125c1743b2c5307daa1c793
3dd3a6166df448080c13ab81657c193d761a735f68dc2bdec65dd59e231970ac
GET /gtag/js?id=G-NDJE9LG3YK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 02:47:25 GMT
expires: Fri, 25 Nov 2022 02:47:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-327062510
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-327062510
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash a0d98a67832548ff23c06bb8edc02641
7eb7d994c59313f86a14314273479f5eb25234a5
4015a579bed30fa40831bb87862aba29f2b361f1bf04229c7020b31b4e447906
GET /gtag/js?id=AW-327062510 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 02:47:25 GMT
expires: Fri, 25 Nov 2022 02:47:25 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53029
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
extremella.com.br/
108.167.188.46200 OK 53 kB IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 94cd3d917d782ec539e6ebf7f1fa4280
d58b83e8940b6b9c6fafa497e080bb8c4d5ef5de
311e435c413739ea93f9c2689ee2c435300dbec3e919929ac57fbd72d9b50407
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://extremella.com.br/wp-json/>; rel="https://api.w.org/", <https://extremella.com.br/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json", <https://extremella.com.br/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 25 Nov 2022 02:47:24 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.31
108.167.188.46200 OK 2.5 kB URL HTTP/2 extremella.com.br/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.31
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18879)
Hash d56b3cbdd1d39b4ba2d7224594d42da0
ee119ba505d4660e122defe6128e7f08b45a4e8c
8882c8c0f16c9ae20104802012495417ab9c667e03bc96b59ba71a409a5cab33
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.31 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 04:08:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2497
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/product-variations-swatches-for-woocommerce/assets/css/frontend-style.min.css?ver=1.0.8
108.167.188.46200 OK 2.6 kB URL HTTP/2 extremella.com.br/wp-content/plugins/product-variations-swatches-for-woocommerce/assets/css/frontend-style.min.css?ver=1.0.8
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12693), with no line terminators
Hash c76587ed0be611d10e1e03dfe687eda3
81d4275851257fb13ed4bd8683ce0f6e4091c234
e0fad04321d1a6002f0d472c4dbf34f4f6d957431a432b0a442241ef88a22a8d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/product-variations-swatches-for-woocommerce/assets/css/frontend-style.min.css?ver=1.0.8 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Jul 2022 16:30:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2633
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
108.167.188.46200 OK 4.0 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19233)
Hash 2701214b028ad24fa347df8335b36d12
156bc8a7ad2657f00881890637f07c6052636499
9a6e62615ceeec7a9763e4f9614e4715d04fd87873b23db2b3ead06c996cad27
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4008
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.22
108.167.188.46200 OK 963 B URL HTTP/2 extremella.com.br/wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.22
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3932)
Hash 1599d36785fa2766387c7c6572a56972
548a535f124856e1572e59a32b06ae5465371712
8f8ff7995b720fd42a75fa722379c24758ce1655dc8fbc2b137f5b2d56830432
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.22 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 16:10:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 963
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lato&display=swap
142.250.74.10200 OK 811 B URL HTTP/2 fonts.googleapis.com/css2?family=Lato&display=swap
IP 142.250.74.10:0
Hash 0ca1654b7866810b227369fd3a634e6e
aa51aa6c5292dd594a3689422989de1358656de0
14571752eebb9903610a5f522dd75acc27bd81790a8c92622da441fc4be88be0
GET /css2?family=Lato&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 02:47:25 GMT
date: Fri, 25 Nov 2022 02:47:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
extremella.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
108.167.188.46200 OK 4.6 kB URL HTTP/2 extremella.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
108.167.188.46200 OK 13 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59158)
Hash e6b67e11736ae36a062b381717f2ea9f
a663a79bc8d42aa58bfea1351cc27e0d0b09c9b2
a07a94d36246d0b3e5b9b18e274e31995d0e23cda955babf5e350e91a879523d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12862
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1
108.167.188.46200 OK 4.4 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14869)
Hash 7bab7ad64ffbd7846dd6819250b93e2e
c924918d540389aff62220088b6761f38a5da272
045250efe67364c953a91f6a60cf407ebb5cfdb2da04e84c3d98e5bab5eca9ba
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4359
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1
108.167.188.46200 OK 4.4 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26516)
Hash fdd462f58aee3f9349eabdefb5ca0b57
bb6e017d5537630516ccb98952593690a8c69864
ca51806fcedbe90dd613c4c28673af8693381806a5cb3b43dce2ea4f43e8b314
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4436
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
108.167.188.46200 OK 5.3 kB URL HTTP/2 extremella.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
108.167.188.46409 Conflict 83 B URL HTTP/2 extremella.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2022/06/cropped-eXtremella-512-%C3%97-512-px-2.png
108.167.188.46200 OK 22 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2022/06/cropped-eXtremella-512-%C3%97-512-px-2.png
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 512 x 204, 8-bit/color RGBA, non-interlaced\012- data
Hash 9dc0dcd2aded5c3a030d8dbcd81a8154
0c64a96e82e68e27129b89a943698e77e55adb3d
0793227b4a62a15b3e144febf0305b374bae1873acf17aaf8b6b3e8415174e7c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/cropped-eXtremella-512-%C3%97-512-px-2.png HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 22:28:58 GMT
accept-ranges: bytes
content-length: 21955
content-type: image/png
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
108.167.188.46409 Conflict 83 B URL HTTP/2 extremella.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
108.167.188.46409 Conflict 83 B URL HTTP/2 extremella.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/fluentform/public/css/fluent-forms-public.css?ver=4.3.22
108.167.188.46200 OK 3.0 kB URL HTTP/2 extremella.com.br/wp-content/plugins/fluentform/public/css/fluent-forms-public.css?ver=4.3.22
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10315)
Hash 939d15126edba637aeede2788811d7d5
f4db9c0788267c9b6755747a36d011ee565e5d3e
d32874598f375538f20fcdb9410761b71a569ece3aca9347db8bf51a0d5fb341
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/fluentform/public/css/fluent-forms-public.css?ver=4.3.22 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 16:10:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2975
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/fluentform/public/css/fluentform-public-default.css?ver=4.3.22
108.167.188.46200 OK 5.0 kB URL HTTP/2 extremella.com.br/wp-content/plugins/fluentform/public/css/fluentform-public-default.css?ver=4.3.22
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16759)
Hash 634df417a63e0c7a65af0b290fe1571b
8c6e03ebfeb05ffe1e54ed7c32eb81bfa77716ec
97d011048cded5b3b34f01d40ed35155023edf96b0975083942edb58ad575433
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/fluentform/public/css/fluentform-public-default.css?ver=4.3.22 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 16:10:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5000
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/themes/kadence/assets/js/shop-spinner.min.js?ver=1.1.31
108.167.188.46200 OK 422 B URL HTTP/2 extremella.com.br/wp-content/themes/kadence/assets/js/shop-spinner.min.js?ver=1.1.31
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1147), with no line terminators
Hash d0145bb0b2a28f102743411cd2c98d33
ad995f699eb811e533ee233f187210bfae7f20c5
50bbe2954ab1bc901adf42af14c765e5ba36aea9bdeb4653813b23290251a586
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/kadence/assets/js/shop-spinner.min.js?ver=1.1.31 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 04:08:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 422
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
108.167.188.46200 OK 1.0 kB URL HTTP/2 extremella.com.br/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 04:11:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1000
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/super-links/assets/js/automatic-links.js?ver=4.0.6
108.167.188.46200 OK 624 B URL HTTP/2 extremella.com.br/wp-content/plugins/super-links/assets/js/automatic-links.js?ver=4.0.6
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash cacc42c83e448ed7f408b1b643f1c5eb
310dd8764b851a996e6198df8790d70d0fe19e62
ebbee4f61ff85291066d46d1aa419246001616286cce0af0119ada1538ea8e8d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/super-links/assets/js/automatic-links.js?ver=4.0.6 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 16:10:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 624
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31
108.167.188.46200 OK 6.9 kB URL HTTP/2 extremella.com.br/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21566), with no line terminators
Hash d7ea359364b0fa06eb9f1478a3de9538
07d5b88b7da2b272831d4e8068f32ce18cc89b4d
11ee4978fc979a2f9e672a20637a35a9870190bb65c373e7bd7ec74e678886ac
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 04:08:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6929
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
108.167.188.46200 OK 1.1 kB URL HTTP/2 extremella.com.br/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 769e9d3f7fc383ec1a02024e39730474
4f5a5edf28ed19b48c5e40747ec6896f0df8f09e
4636689d57889e984a7a1a1c6e2516b7a2d951407ca826aaf505c50002e2b486
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 04:11:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1093
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/themes/kadence/assets/css/woocommerce.min.css?ver=1.1.31
108.167.188.46200 OK 38 kB URL HTTP/2 extremella.com.br/wp-content/themes/kadence/assets/css/woocommerce.min.css?ver=1.1.31
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2119ff274f6c3cd32aaf2d40fc54962e
1b81c7201d8c01b6b2082b6f0aeb0975960a0295
149bbca7b1fe6ffc98a34ef19188fb806e3d0c918ef448bf24db3d8460d23f68
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/kadence/assets/css/woocommerce.min.css?ver=1.1.31 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 04:08:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4729
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 02:47:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4729
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 02:47:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4729
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 02:47:25 GMT
Connection: keep-alive
extremella.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
108.167.188.46200 OK 40 kB URL HTTP/2 extremella.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 03bdeeb6e381f079cfd926ef43d7eeaf
246825fe70695882e772959248a53a80ccb1a2d3
98a10e6becde84ac044d8aff41fbcde9a8046d547337b4a1b711cc691a005b54
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:10:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/victor-lam-9uyqoYsnGfo-unsplash.jpg
108.167.188.46200 OK 26 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/victor-lam-9uyqoYsnGfo-unsplash.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x460, components 3\012- data
Hash 9e215e00b3bc090b3bab73c1a17ade78
631d5f7725b71c4a1f7d1d30401baa5f7521f3dc
87649b93a5c690eb70a396b5eb7a2d1abf1ed5af6ca1f743d75261b692cee9aa
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/victor-lam-9uyqoYsnGfo-unsplash.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:26:08 GMT
accept-ranges: bytes
content-length: 26311
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/willian-justen-de-vasconcellos-ASKGjAeIY_U-unsplash.jpg
108.167.188.46200 OK 28 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/willian-justen-de-vasconcellos-ASKGjAeIY_U-unsplash.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x460, components 3\012- data
Hash f546937f33007f4efe62e53e6c6d64ab
34d51d577abb0c33ab56d59254f4500731a8bec9
75151ababee22a5b65097fbf48c952416d805096624ef5fdf63da884779ed852
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/willian-justen-de-vasconcellos-ASKGjAeIY_U-unsplash.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:26:08 GMT
accept-ranges: bytes
content-length: 27901
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 17517
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/cool-fm-96-9-jgSMz2ZLisU-unsplash.jpg
108.167.188.46200 OK 38 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/cool-fm-96-9-jgSMz2ZLisU-unsplash.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x460, components 3\012- data
Hash 6327a95e939cb0f77d816c84d525527c
a3b53751ecdb1e827a8f79a8f3f414e045cba18b
3ac651d5089f0e9718efed203fd22c106e0aef74507b845efba90a574bc2861d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/cool-fm-96-9-jgSMz2ZLisU-unsplash.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:26:07 GMT
accept-ranges: bytes
content-length: 38518
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ESacQ13nZwlbUKiNnwl6AxqC9ar8cxPctKLMFWS86aB3ZGsbxG0ZOA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 04:22:08 GMT
age: 80717
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1adbf0cd373a4c06caa71eac14e1286c
236199a790f16dcf96dba80b9945836b37e3c2eb
767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6590
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8zGeAIAMF4HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4iFMdgZvXpHdbGKY-3exNXsKVn2FuWGQg70mCqzGLSHk_bSTiXSCxA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:01:38 GMT
age: 17147
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 34198
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/kahari-king-NUEWYsqzHxM-unsplash.jpg
108.167.188.46200 OK 43 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/kahari-king-NUEWYsqzHxM-unsplash.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x460, components 3\012- data
Hash 546b4ae426791da9b8af30a7e5f2e16e
685fcbf95dd2a8096f3d789a5f7e6448ffa62b4f
eeef151437995f30dd03ab5151f119fa1b2f78027fe5e49caceda958380fc578
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/kahari-king-NUEWYsqzHxM-unsplash.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:26:07 GMT
accept-ranges: bytes
content-length: 43332
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/sule-makaroglu-Pn0i5zLEXgU-unsplash.jpg
108.167.188.46200 OK 62 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/sule-makaroglu-Pn0i5zLEXgU-unsplash.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x460, components 3\012- data
Hash 34bf6acd48552ae06100564b099a9c6b
6b4993e8af2d3a3654638e3379b836f33be77cf0
2c074d8dfdf95a308b9352d8b91698e8872db4a5bc36f0cde00d57ef61a9127e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/sule-makaroglu-Pn0i5zLEXgU-unsplash.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:26:08 GMT
accept-ranges: bytes
content-length: 62209
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
108.167.188.46200 OK 25 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d13ed7cdd5c799416827942e16373c96
b60efdfa6549b9890d8d0ff1a796f376e9da2f7c
53ef3e29a48f198ee049d880c56b1d7934893b41c14c99c291605bf082faa28c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/daniel-apodaca-MlFJ5hKJCj4-unsplash.jpg
108.167.188.46200 OK 56 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/daniel-apodaca-MlFJ5hKJCj4-unsplash.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x460, components 3\012- data
Hash 6ad94a352b0ddfcc57edf878fd5285f3
f01bdc8cb89bb9a9e03ca006f20985533331836b
5cb9a4969f70aea7bc37043f9c5a9fffcae05ab010c021221b622e480501a62e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/daniel-apodaca-MlFJ5hKJCj4-unsplash.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:26:07 GMT
accept-ranges: bytes
content-length: 55553
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/temitayo-aina-tmz3Z1L1qaQ-unsplash.jpg
108.167.188.46200 OK 64 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/temitayo-aina-tmz3Z1L1qaQ-unsplash.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x460, components 3\012- data
Hash 8460b7fb052ab3ebbbaf2dd534af2336
5955597be72cc6cddf88b6e21f2b43b2e64956f2
5de6451ae22994cb5125602e4a0e622001f86cff0fbdd1debb305816ad600929
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/temitayo-aina-tmz3Z1L1qaQ-unsplash.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:26:08 GMT
accept-ranges: bytes
content-length: 63600
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/product-variations-swatches-for-woocommerce/assets/js/frontend-script.min.js?ver=1.0.8
108.167.188.46200 OK 3.3 kB URL HTTP/2 extremella.com.br/wp-content/plugins/product-variations-swatches-for-woocommerce/assets/js/frontend-script.min.js?ver=1.0.8
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13160), with no line terminators
Hash 7a6c079b6edf6c9c9bac11613df7e91a
037eb3d5729f57459b7255a21105719bf89bec51
0d69150b672d961e4655bc694678f7f3d96dab608f88cf8b43a494554c1ceddb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/product-variations-swatches-for-woocommerce/assets/js/frontend-script.min.js?ver=1.0.8 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Jul 2022 16:30:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3305
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/fluentform/public/js/form-submission.js?ver=4.3.22
108.167.188.46200 OK 7.3 kB URL HTTP/2 extremella.com.br/wp-content/plugins/fluentform/public/js/form-submission.js?ver=4.3.22
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18225), with no line terminators
Hash 5d82c2e2c078a2208eddc416fb1085db
94e2f50f8d01957e37e5f1dab492c7f92b83f4a0
c220b209ddd2fe20085a07dbb2fa27f5f994ba9bd13e19749ba1927af7601073
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/fluentform/public/js/form-submission.js?ver=4.3.22 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 16:10:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7269
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
108.167.188.46200 OK 3.9 kB URL HTTP/2 extremella.com.br/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9111)
Hash a9d79ad492f5d209828cf75ff095edb0
b969ee59c642ce462a2cea6b487f2b1d57a8a18a
c362ad1758080d8a6214b29639dd88f082394a603d4afa9f12d8a037f55f94e5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 04:11:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3949
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10200 OK 2.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
File type ASCII text, with very long lines (2139)
Hash fc6e777817ce20b6a90674a3387b29ff
852143180edfa40685d6a1cd138345b6d34ce96e
cb634b6bcb2bfb6ba577fbb6ad690c31735815ebe12b88db3e8b8092f085526a
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 02:47:25 GMT
date: Fri, 25 Nov 2022 02:47:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans:regular,regularitalic,700,700italic,800,300,600%7CRosarivo:regular%7CArchivo%20Narrow:regular%7CMontserrat:800&display=swap
142.250.74.10200 OK 4.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:regular,regularitalic,700,700italic,800,300,600%7CRosarivo:regular%7CArchivo%20Narrow:regular%7CMontserrat:800&display=swap
IP 142.250.74.10:0
File type ASCII text, with very long lines (10019)
Hash 0a425350e80a961218983795f17928b6
b24aff00a792c5f6052f1a49176e16ed55fad41a
e153e5ae5a2f91a83d2ea44191c4c323442b003ffa9467cfee2a1aa264cab74a
GET /css?family=Open%20Sans:regular,regularitalic,700,700italic,800,300,600%7CRosarivo:regular%7CArchivo%20Narrow:regular%7CMontserrat:800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 02:47:25 GMT
date: Fri, 25 Nov 2022 02:47:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836
108.167.188.46200 OK 3.8 kB URL HTTP/2 extremella.com.br/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 66b85ee07e712680856a30dbbffd6851
1b7f567df71b51b648eac224f3782aed0f2eb740
ff6d4e7e045697210f93d5d8f201ac69ddf676e0d4e1fd60e6e778cb4931f9f3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 15:27:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3830
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
108.167.188.46200 OK 2.3 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash afe0ea20b00c3b25a89a6b2d6a98c6ac
53c0425fb9abdc217a90ec20509996cd2a5f9e1d
f70c2aa0ee7d185b9ded30b1f2037e4fbd828583d61f68eab99fd2f37b36b2a3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2312
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
108.167.188.46200 OK 13 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash ec532bc72e833d74239248a507033f2d
e682bb6b3a3d8dce061c9974064efa177b286cbc
5225c44ca2b4081202505c1b0a9c16446eda2d51038ac8ed1a5eea1630b0541b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13291
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
108.167.188.46200 OK 8.3 kB URL HTTP/2 extremella.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:10:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8344
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
108.167.188.46200 OK 16 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40474)
Hash 6aeb2153cae643eef82bc2bfd981284f
72ded3873d2eca2490b951a270c2ad90d2be820f
e1f85226ca5e06d9aa02a495ab567529e78f5aeae6924566e58e18debe6f38bb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16151
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
108.167.188.46200 OK 3.7 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.99200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://extremella.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 75875
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/archivonarrow/v24/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2
142.250.74.99200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/archivonarrow/v24/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 10116, version 1.0\012- data
Hash b5dbdda8786a7217df0b90912e2f6991
94bf8611be20feb3c9241806e87511bd73758a2b
0fe6376419d1b2b5b3114da291dbbb4bdf1165bc7a17dcc7b5322befc738e26a
GET /s/archivonarrow/v24/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://extremella.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:57:14 GMT
expires: Thu, 23 Nov 2023 21:57:14 GMT
cache-control: public, max-age=31536000
age: 103812
last-modified: Fri, 24 Jun 2022 19:03:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rosarivo/v20/PlI-Fl2lO6N9f8HaNDeF0Hk.woff2
142.250.74.99200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/rosarivo/v20/PlI-Fl2lO6N9f8HaNDeF0Hk.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 14724, version 1.0\012- data
Hash 184a0a58c438d825baccb9bf71b74ee4
0811a92fd7c2c778896c9cf11bc49e6229493561
9c7cfb267cf60c67f7af6f79515c9629934ac78cd1a2cae16d875760d634642d
GET /s/rosarivo/v20/PlI-Fl2lO6N9f8HaNDeF0Hk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://extremella.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:25:16 GMT
expires: Thu, 23 Nov 2023 08:25:16 GMT
cache-control: public, max-age=31536000
age: 152530
last-modified: Wed, 27 Apr 2022 16:11:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
142.250.74.99200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 26240, version 1.0\012- data
Hash 4a90976686fcbd8296c7d7fccc04c273
bcb82e93ac7ad1fa2af6a37009a200f79f4cb4e5
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://extremella.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:10:08 GMT
expires: Fri, 24 Nov 2023 21:10:08 GMT
cache-control: public, max-age=31536000
age: 20238
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2022/06/Plissado-cinta-de-renda-sexy-lingerie-conjunto-para-as-mulheres-transparente-malha-suti-lingerie-conjunto-de.jpg
108.167.188.46200 OK 287 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2022/06/Plissado-cinta-de-renda-sexy-lingerie-conjunto-para-as-mulheres-transparente-malha-suti-lingerie-conjunto-de.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1200, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], baseline, precision 8, 1600x1600, components 3\012- data
Size 287 kB (286626 bytes)
Hash 66c58c3bb1f7822e8d4c26fea4d9d98a
1aa5f6724bdc935133b706d3673aec977f122282
7ced113533794c159caefb55ec9d84a70ca533008c90bd5794d41457a4db9fda
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/Plissado-cinta-de-renda-sexy-lingerie-conjunto-para-as-mulheres-transparente-malha-suti-lingerie-conjunto-de.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 20:41:46 GMT
accept-ranges: bytes
content-length: 286626
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
extremella.com.br/wp-content/uploads/2020/10/money-bac-2.png
108.167.188.46200 OK 2.3 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/money-bac-2.png
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash fea39b6d0a76d3376e4736a62a6f6c56
8da7f31a0ff2a7ac90241fe7464fafc28f473007
3628340836bf87c9c11cbc8f289f130bbbb9833141922b90e99e0ae3e834602c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/money-bac-2.png HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:25:46 GMT
accept-ranges: bytes
content-length: 2334
content-type: image/png
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/support.png
108.167.188.46200 OK 1.7 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/support.png
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ba083c556c875e816ff3dd80fd4a4077
bffa104560ba7049746bdf16e924e5392e31cbfa
56dbd13030e35b181b400db96e53b53b9be21f2e791dfa63f8084fb7bf3f0abc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/support.png HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:25:46 GMT
accept-ranges: bytes
content-length: 1679
content-type: image/png
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/shipping_01.png
108.167.188.46200 OK 997 B URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/shipping_01.png
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d7f6722a5ae038cbe1500ecb426f0b3
a2075081d839fc25032bc38b865e873faaba50df
afbbd530f2aacb456e3bd1809a0d735b000922223f6ebb658996179f3a695bf2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/shipping_01.png HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:25:46 GMT
accept-ranges: bytes
content-length: 997
content-type: image/png
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
108.167.188.46200 OK 93 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://extremella.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
content-length: 93372
content-type: font/woff2
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2022/06/Sexy-corpo-chicote-de-fios-roupa-interior-do-sexo-conjunto-quente-lingerie-er-tica-com-cinto-2-1024x1024.jpg
108.167.188.46200 OK 200 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2022/06/Sexy-corpo-chicote-de-fios-roupa-interior-do-sexo-conjunto-quente-lingerie-er-tica-com-cinto-2-1024x1024.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2022:04:03 18:02:48 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 15294206742364160.000000], baseline, precision 8, 1024x1024, components 3\012- data
Size 200 kB (200167 bytes)
Hash 29ef2de8c8e7b5b2053188c9c2d3752d
d04bc8eb446270a4932a2769e5d4323aa0830f72
af54a6b9ecbbc64f19706f9e60e896bad7878f4bd360035af00f6c209449097b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/Sexy-corpo-chicote-de-fios-roupa-interior-do-sexo-conjunto-quente-lingerie-er-tica-com-cinto-2-1024x1024.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 21:06:51 GMT
accept-ranges: bytes
content-length: 200167
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
108.167.188.46409 Conflict 83 B URL HTTP/2 extremella.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2022/06/Design-sem-nome-1.png
108.167.188.46200 OK 486 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2022/06/Design-sem-nome-1.png
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size 486 kB (486412 bytes)
Hash 64387f6d11ce0557ecab41f5c43ac640
2bf5d7c16750b286ae378f6fd1b9259ca60085aa
d4b5fbe8a616fc44bd7b619f5d774a107455b7209275e37f43b2f66b771cee41
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/Design-sem-nome-1.png HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 05 Jun 2022 14:55:41 GMT
accept-ranges: bytes
content-length: 486412
content-type: image/png
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2022/06/Design-sem-nome-3.png
108.167.188.46200 OK 505 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2022/06/Design-sem-nome-3.png
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size 505 kB (505062 bytes)
Hash 8ce6d9eeb44e8aeb5e58291674c58af6
a3fba1bc24f9d2423f6bf378ec9763b93b3d3c9e
bc32315d3873795305ea0362d4000033fbb59a28fe348d1459079866ae73f7d9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/Design-sem-nome-3.png HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 01:48:18 GMT
accept-ranges: bytes
content-length: 505062
content-type: image/png
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2022/06/Design-sem-nome-4.png
108.167.188.46200 OK 549 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2022/06/Design-sem-nome-4.png
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size 549 kB (548698 bytes)
Hash d12d281c90c1b349e7caf0e05115f12b
4f174cc4ff21adde107e0217733cc0711486c13f
2cc638847df2584edebb4921ba02e995deec162202e7bb0251550b498879e20b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/Design-sem-nome-4.png HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 01:48:08 GMT
accept-ranges: bytes
content-length: 548698
content-type: image/png
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2022/06/Man-nuo-vibrador-de-controle-remoto-brinquedos-sexuais-para-mulheres-exerc-cio-vaginal-bola-de-kegel.jpg
108.167.188.46200 OK 562 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2022/06/Man-nuo-vibrador-de-controle-remoto-brinquedos-sexuais-para-mulheres-exerc-cio-vaginal-bola-de-kegel.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1000x1000, components 3\012- data
Size 562 kB (561484 bytes)
Hash a360951583f3e09897f2c05a34841401
84ddb89006c7aef72c237ac07b6f314105c43963
094d75a3a078611737ed571b61f4a88e6eb7400b22f9fcdf8aff461dab7c6eef
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/Man-nuo-vibrador-de-controle-remoto-brinquedos-sexuais-para-mulheres-exerc-cio-vaginal-bola-de-kegel.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 05 Jun 2022 14:32:16 GMT
accept-ranges: bytes
content-length: 561484
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
108.167.188.46409 Conflict 83 B URL HTTP/2 extremella.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/jesse-goll-_MCwva4-0uY-unsplash.jpg
108.167.188.46404 Not Found 26 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/jesse-goll-_MCwva4-0uY-unsplash.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15912), with CRLF, LF line terminators
Hash 985bf844a8564a34288319573fe4f969
7e6608b530c2fdad5974f6b98ffd98d1d8ea4703
517448667aa9f2b760def09c26bed781df0ee916e719326190286cd65b0766e7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/jesse-goll-_MCwva4-0uY-unsplash.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://extremella.com.br/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js
108.167.188.46200 OK 1.3 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2738)
Hash d6716501cdad9b197e4ac661908d3b1b
84ffe1af9dfa985aa882b70383d1a6aa13d1248a
c0c3b6be24ce79109a8c4e1b49fb617ebadb880681ba062c3a71b15ba4287036
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Cookie: _gcl_au=1.1.707197315.1669344446; _ga_NDJE9LG3YK=GS1.1.1669344445.1.0.1669344445.60.0.0; _ga=GA1.1.846733821.1669344446
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1272
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/?wc-ajax=get_refreshed_fragments
108.167.188.46200 OK 231 B URL HTTP/2 extremella.com.br/?wc-ajax=get_refreshed_fragments
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (505), with no line terminators
Hash 6b3daa674af5af220828bdc4f9acdc4f
a8b88eb3244a3feb3bc384a6e77325b8b352f176
013d9d9b68104da99c8a70481e8f6ac55dc9d6fc93c89ccd4a4c32146a15591f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://extremella.com.br
Connection: keep-alive
Referer: https://extremella.com.br/
Cookie: _gcl_au=1.1.707197315.1669344446; _ga_NDJE9LG3YK=GS1.1.1669344445.1.0.1669344445.60.0.0; _ga=GA1.1.846733821.1669344446
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://extremella.com.br
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
vary: Accept-Encoding
content-encoding: gzip
content-length: 231
content-type: application/json; charset=UTF-8
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-NDJE9LG3YK>m=2oeb90&_p=1243140336&_gaz=1&cid=846733821.1669344446&ul=en-us&sr=1280x1024&_s=1&sid=1669344445&sct=1&seg=0&dl=https%3A%2F%2Fextremella.com.br%2F&dt=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-NDJE9LG3YK>m=2oeb90&_p=1243140336&_gaz=1&cid=846733821.1669344446&ul=en-us&sr=1280x1024&_s=1&sid=1669344445&sct=1&seg=0&dl=https%3A%2F%2Fextremella.com.br%2F&dt=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NDJE9LG3YK>m=2oeb90&_p=1243140336&_gaz=1&cid=846733821.1669344446&ul=en-us&sr=1280x1024&_s=1&sid=1669344445&sct=1&seg=0&dl=https%3A%2F%2Fextremella.com.br%2F&dt=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extremella.com.br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://extremella.com.br
date: Fri, 25 Nov 2022 02:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-NDJE9LG3YK&cid=846733821.1669344446>m=2oeb90&aip=1
142.251.1.156204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-NDJE9LG3YK&cid=846733821.1669344446>m=2oeb90&aip=1
IP 142.251.1.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NDJE9LG3YK&cid=846733821.1669344446>m=2oeb90&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extremella.com.br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://extremella.com.br
date: Fri, 25 Nov 2022 02:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 02:41:08 GMT
expires: Fri, 25 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 379
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/327062510/?random=1669344445914&cv=11&fst=1669344445914&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fextremella.com.br%2F&tiba=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&auid=707197315.1669344446&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.130200 OK 917 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/327062510/?random=1669344445914&cv=11&fst=1669344445914&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fextremella.com.br%2F&tiba=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&auid=707197315.1669344446&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1949), with no line terminators
Hash fd4c9a84fcfa79c09f25f2542c8dd3aa
e911fbf9a6ade67bb7d8d3dc978314760dd40965
6f521e07cf45199831cc24f2deb596d3a74a96fc4499728827350f7f970d215d
GET /pagead/viewthroughconversion/327062510/?random=1669344445914&cv=11&fst=1669344445914&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fextremella.com.br%2F&tiba=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&auid=707197315.1669344446&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 917
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 25-Nov-2022 03:02:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NDJE9LG3YK&cid=846733821.1669344446>m=2oeb90&aip=1&z=390465594
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NDJE9LG3YK&cid=846733821.1669344446>m=2oeb90&aip=1&z=390465594
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NDJE9LG3YK&cid=846733821.1669344446>m=2oeb90&aip=1&z=390465594 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
108.167.188.46200 OK 96 kB URL HTTP/2 extremella.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 99173eff65d13a482272ca004637aa00
6ebe43620c3b7f38f6dcbb43fe67e087c074d2fe
f392dedb38e9a42f5d2ea3615e8def2c4aff0e285b1a845d80a03b56d55b5fa9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Cookie: _gcl_au=1.1.707197315.1669344446; _ga_NDJE9LG3YK=GS1.1.1669344445.1.0.1669344445.60.0.0; _ga=GA1.1.846733821.1669344446
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 16:28:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 25 Nov 2022 02:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash ab05ed4ac93c29024be3eeee00b55938
339552e63a84adb18155d3e3165dd0afb5799a94
c4753bcf222f45f3a53e1aab8af68f9e40b5164f43fa84152114eedee5dad23f
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 25 Nov 2022 02:47:27 GMT
expires: Fri, 25 Nov 2022 02:47:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13662609695479146053
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/327062510/?random=1669344445914&cv=11&fst=1669341600000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fextremella.com.br%2F&tiba=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1387640899&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/327062510/?random=1669344445914&cv=11&fst=1669341600000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fextremella.com.br%2F&tiba=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1387640899&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/327062510/?random=1669344445914&cv=11&fst=1669341600000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fextremella.com.br%2F&tiba=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1387640899&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
extremella.com.br/wp-content/uploads/2022/06/cropped-logo-site-192x192.png
108.167.188.46200 OK 14 kB URL HTTP/2 extremella.com.br/wp-content/uploads/2022/06/cropped-logo-site-192x192.png
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash befe62e6f3d413217c7e1a5cbdbfd3df
43e6b477e7199de6a8d7a15a3fe355ca6399a946
238dc8169a068dbe0caf929032b06eb47342b878dffad65f58ffe4ed770a719f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/cropped-logo-site-192x192.png HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Cookie: _gcl_au=1.1.707197315.1669344446; _ga_NDJE9LG3YK=GS1.1.1669344445.1.0.1669344445.60.0.0; _ga=GA1.1.846733821.1669344446
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 15:42:23 GMT
accept-ranges: bytes
content-length: 14445
content-type: image/png
date: Fri, 25 Nov 2022 02:47:27 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
108.167.188.46200 OK 52 kB URL HTTP/2 extremella.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 001a959d560556790e316aec93102c0b
f380bc18e211a85d15c1c8ee01432eb2c2958ece
1e3bb457605e9d37176c2afbf594c56595f74a4a72f6bdaf87746ca5ef32f1c8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 04:11:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/327062510/?random=1669344445914&cv=11&fst=1669341600000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fextremella.com.br%2F&tiba=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1387640899&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/327062510/?random=1669344445914&cv=11&fst=1669341600000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fextremella.com.br%2F&tiba=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1387640899&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/327062510/?random=1669344445914&cv=11&fst=1669341600000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fextremella.com.br%2F&tiba=O%20jogo%20Muda%20Quando%20Voc%C3%AA%20Se%20Coloca%20em%201%C2%B0%20Lugar&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1387640899&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05681a05de8df6e408ae41032401b73f
f4824b4863e26866b10cd45a8cb422c339997035
97ab2238b53d233622081c75f7c60621eea9ae85c19c7ae958cfdbd685f39ebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=extremella.com.br
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=extremella.com.br
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=extremella.com.br HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 25 Nov 2022 02:47:27 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=extremella.com.br&callback=_gfp_s_&client=ca-pub-3145978769123885&gpid_exp=1
216.58.207.194200 OK 256 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=extremella.com.br&callback=_gfp_s_&client=ca-pub-3145978769123885&gpid_exp=1
IP 216.58.207.194:0
File type ASCII text, with very long lines (401), with no line terminators
Hash 182d5e563456120af233d69c63589f11
3c6eb8e2b09f45d92ac65ddbe21e1803927bd011
9b5c084b5e7b0e0ec633c160ddabcff2c4d9a6d30dda89dc1e90c9f6ea1fedb0
GET /gampad/cookie.js?domain=extremella.com.br&callback=_gfp_s_&client=ca-pub-3145978769123885&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 25 Nov 2022 02:47:27 GMT
server: cafe
cache-control: private
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=extremella.com.br
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=extremella.com.br
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=extremella.com.br HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 25 Nov 2022 02:47:27 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 312d6119e2a9865fd7bd8752bcf62563
fcddb4e1098fe901119e2ec5de135e26b586f897
ed8c44b9621baf009fe6320d2c54a97d18fad60c5cc54646ea00384a0198e734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
142.250.74.66200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
IP 142.250.74.66:0
File type JSON data\012- , ASCII text, with very long lines (14865), with no line terminators
Hash 876a3c7891de1beac0ce0cac4668befb
6439e3c83344745d71c6eb3479e09487933c5737
f6e2dea18c42494f4aacb24810d6fffa0aed2e6bec771cbf20a73a879fad1cae
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extremella.com.br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Fri, 25 Nov 2022 02:47:27 GMT
server: cafe
content-length: 11219
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fdd426230fc6d944211201eb8bb9aa8c
9e45a44aa7f38231001fd10e25def211714bdf3a
3fb27cd549f11bd7bfd961cf3c5a4fa7e5f4b39565a65ce45846f423e5bcf4cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 02:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 25 Nov 2022 02:47:27 GMT
expires: Fri, 25 Nov 2022 02:47:27 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:10:36 GMT
expires: Wed, 22 Nov 2023 20:10:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 196611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
extremella.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
108.167.188.46200 OK 0 B URL HTTP/2 extremella.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 05:18:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2
extremella.com.br/wp-content/uploads/2020/10/collin-armstrong-SR0_MNa77MU-unsplash.jpg
108.167.188.46200 OK 0 B URL HTTP/2 extremella.com.br/wp-content/uploads/2020/10/collin-armstrong-SR0_MNa77MU-unsplash.jpg
IP 108.167.188.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/collin-armstrong-SR0_MNa77MU-unsplash.jpg HTTP/1.1
Host: extremella.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extremella.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 17:26:07 GMT
accept-ranges: bytes
content-length: 45525
content-type: image/jpeg
date: Fri, 25 Nov 2022 02:47:25 GMT
server: Apache
X-Firefox-Spdy: h2