Report - abspet.com.br/

Report Overview

Submitted URL
abspet.com.br/
IP
104.21.50.199
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-25 03:55:07
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
88

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	628 B	559 B	216.239.32.36
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	29 kB	157.240.200.14
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.1.35
abspet.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.7 kB	515 kB	104.21.50.199
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.35
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	77 kB	142.250.74.168
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	587 B	86 kB	157.240.200.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.1 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	abspet.com.br/	Malware
2022-11-25	medium	abspet.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Malware
2022-11-25	medium	abspet.com.br/js/include.js	Malware
2022-11-25	medium	abspet.com.br/img/home/animalrepublik.svg	Malware
2022-11-25	medium	abspet.com.br/img/home/img-linha-deo-colonia.webp	Malware
2022-11-25	medium	abspet.com.br/img/home/img-linha-shampoo.webp	Malware
2022-11-25	medium	abspet.com.br/img/home/emporiopet.svg	Malware
2022-11-25	medium	abspet.com.br/img/home/lui-abspet-home.webp	Malware
2022-11-25	medium	abspet.com.br/img/home/img-abs-parceiros.webp	Malware
2022-11-25	medium	abspet.com.br/img/home/img-hidratacao-e-finalizadores.webp	Malware
2022-11-25	medium	abspet.com.br/img/footer2.svg	Malware
2022-11-25	medium	abspet.com.br/img/home/noseLeft.svg	Malware
2022-11-25	medium	abspet.com.br/fonts/Poppins-Medium.woff2	Malware
2022-11-25	medium	abspet.com.br/fonts/Poppins-Regular.woff2	Malware
2022-11-25	medium	abspet.com.br/fonts/Poppins-Bold.woff2	Malware
2022-11-25	medium	abspet.com.br/fonts/Poppins-Light.woff2	Malware
2022-11-25	medium	abspet.com.br/fonts/Poppins-SemiBold.woff2	Malware
2022-11-25	medium	abspet.com.br/img/svg/favicon.svg	Malware
2022-11-25	medium	abspet.com.br/img/svg/logo-ABSPet.svg	Malware
2022-11-25	medium	abspet.com.br/img/svg/facebook.svg	Malware
2022-11-25	medium	abspet.com.br/img/svg/instagram.svg	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed
2022-11-25	medium	abspet.com.br	Sinkholed

JavaScript (9)

	URL	Size	First Seen	Last Seen
	abspet.com.br/js/include.js	1.8 kB	2023-03-11	2023-03-11
Pretty URL abspet.com.br/js/include.js IP 104.21.50.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:33:30 Last Seen2023-03-11 19:33:30 Times Seen1 Hash 10f6f4cd0f60f9eeb1485297e57f107d 7a720e82a447b462ed74da84252c4e1e72c8fba1 4921be859e4c8928d76ac8f135774126d3331f29bddb09276b9ba581ac04bdf9 Loading...

	abspet.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-04
Pretty URL abspet.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.50.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-04 23:45:56 Times Seen55939 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	abspet.com.br/	26 B	2023-03-11	2023-03-11
Pretty URL abspet.com.br/ IP 104.21.50.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:33:30 Last Seen2023-03-11 19:33:30 Times Seen1 Hash c084292530a82278f2687182481ec585 5f53451bd1af0cbdbd0ee7c310889fa8faf4a549 158dafa975f0d72f312d23e8010ac04089ae71d01c466efb75e9f3820b8df6a1 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	abspet.com.br/	529 B	2023-03-11	2023-03-11
Pretty URL abspet.com.br/ IP 104.21.50.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:33:30 Last Seen2023-03-11 19:33:30 Times Seen1 Hash 27a3a666be74bd05fff84f4e1d05ea08 b2eb6f838960623374f75bf83d7dab4c53df2ec1 6f448bcf0f6c463909c50fd03a8a4f7d61eb844bafdb2761abdd58bbb1ffa877 Loading...

	abspet.com.br/	190 B	2023-03-11	2023-03-11
Pretty URL abspet.com.br/ IP 104.21.50.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:33:30 Last Seen2023-03-11 19:33:30 Times Seen1 Hash df053f815ac5af62314392319a294327 59ab510e02ad22c43c31000be452eacce8b59905 c5bbfbb79bd5ea0ba06f6f46d9705ba9fd4c00d009de2519fcbacd7989443028 Loading...

	www.googletagmanager.com/gtag/js?id=G-0QCSE253SC	217 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-0QCSE253SC IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:33:30 Last Seen2023-03-11 19:33:30 Times Seen1 Hash c9fd9afd7e90be0bbb337bd20bf3c79d 81790ee97bc2d4bf2c8ee5b206111fd9d6d7a4f9 865e88d9cc8d3370cf330af7511bcb927377b668345b3f9ca004af4b36a1e688 Loading...

	abspet.com.br/	361 B	2023-03-11	2023-03-11
Pretty URL abspet.com.br/ IP 104.21.50.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:33:30 Last Seen2023-03-11 19:33:30 Times Seen1 Hash b2059dec3e0a9baeed72791a8025673f 7922d24a4e398d5cfd1ab6cbe1f7e041069dec00 de302aa6a36556f4759c7f38666c7dc849d5fd44edf2a3a8b98e9e0efc58f096 Loading...

	connect.facebook.net/signals/config/1271284257057360?v=2.9.89&r=stable	300 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/1271284257057360?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:33:30 Last Seen2023-03-11 19:33:30 Times Seen1 Hash a4c4f915085b5e8ff8042fcb96e25a3b 06f86dbd8f796244f1ea0af39ebed26693952ed2 9f505dcc449b457c80c6415779432ece744905bd377ec8eab6ac8279ac408bbd Loading...

HTTP Transactions (51)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4179
Expires: Fri, 25 Nov 2022 05:04:35 GMT
Date: Fri, 25 Nov 2022 03:54:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16117
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 03:54:56 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1030
Cache-Control: max-age=111205
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:54:56 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 10:48:21 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GbQSV0jg1DdcuFgOfmC50V/x5GvCIRtoTy6NR0TmpldViYl8JX0clyggLEukiX/Qm892lo3v1rE=
x-amz-request-id: FG4W2XGC2BP8WVF1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 03:40:39 GMT
age: 857
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 03:17:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2252
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:54:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

abspet.com.br/

104.21.50.199

200 OK

5.5 kB

URL HTTP/1.1
abspet.com.br/
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (867)
Size
5.5 kB (5465 bytes)
Hash
4c71df093d40ce2b2ae49988fa0fae70
e78cb1144ba7161c05a49adae76bd45e1a3231b7
ac5c698543ecddcfaf5a8741ac792c7b0918c9c84ccfd424c7f75dbfcc19ea8a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:28:13 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7e1kjbGj5ZL8HFPschV5Kd1FTFJmVaNcZB%2FE8BDjayRGeJsvr5odJEdmEXhJNCSZgt8y8pI8YVGoNOpXoeCrDbYEU%2FvceQ%2BfyUGqygRfwGYIjoZrtgtGVXP2wbZbxKy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f772239f520af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

abspet.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.50.199

200 OK

655 B

URL HTTP/1.1
abspet.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1238)
Size
655 B (655 bytes)
Hash
bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHU6bHjwaj2odvA4%2B%2Br3XJKoXNRIO5beJ8a34Tx58yivJArYUTdSRPr6syRcCORyc1gFEIg6jPeoDwTTDtte35OJ2W2ysXfxFkUn4OF%2Bfti5R7SQiapQwgqhXZTgs001"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722689b8b517-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 27 Nov 2022 03:54:56 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-0QCSE253SC

142.250.74.168

200 OK

76 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-0QCSE253SC
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19102)
Size
76 kB (75994 bytes)
Hash
3285c65a8f6525bac3f76bd52cb10665
b253fc4547ae5590042029bde0e033c6e830d0f1
a618f9d36eca987ffe5c62c9bb8c06dc4b26a14e611deef32e4a06dfa69cd872

HTTP Headers

GET /gtag/js?id=G-0QCSE253SC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://abspet.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 03:54:56 GMT
expires: Fri, 25 Nov 2022 03:54:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 2763
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

abspet.com.br/js/include.js

104.21.50.199

200 OK

789 B

URL HTTP/1.1
abspet.com.br/js/include.js
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text
Size
789 B (789 bytes)
Hash
fe89d111ed009c1f434cb723eaffbe90
1ec3dc9fb09f0ab3507e47c0ac65d4768ccdea50
e7f8a2e2330f4b27b94083492d5d9892f049e8e266d221c10890791d8e28d3b2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/include.js HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:56 GMT
Content-Type: application/javascript
Content-Length: 789
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:28:13 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbM%2Fv7BzTwGK7U%2BlSrUwmYqpMT%2B3O3YIRA2%2BVPs1quiMkQgM2NfDId%2BnD3JAYEjk5Kvod3uX%2FfPM2lZ99Tc9h5iwBbsANQGBDtmahET1JcTps7A97Vy60W6O1LK0slkx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f77226786d0af6-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4802
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:54:56 GMT
Last-Modified: Fri, 25 Nov 2022 02:34:54 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

abspet.com.br/img/home/animalrepublik.svg

104.21.50.199

200 OK

8.6 kB

URL HTTP/1.1
abspet.com.br/img/home/animalrepublik.svg
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (11373), with no line terminators
Size
8.6 kB (8613 bytes)
Hash
1182b0eff25837ccf8b6ab546ded2789
d5e9e11d9534a6ccc506b132edec8db55a20d09a
c311f4f5507bddf72a23fe47b566d23b8a7a580d98d865e7e7c41ec9280c70b0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/home/animalrepublik.svg HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:50 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14hzsamvQ%2BlsBk%2F78CORR%2BW0bER59bpxZfF1DR%2FEhEjHEnDw8sG3RPg2VH%2FJYdp1yKTo426XRtJcjWZ8fy2RGMOvvG15mBMTQUzzNidxoRc7vU%2B0NxmEcmqI6P4lGOxw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f772288aa8b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

abspet.com.br/img/home/img-linha-deo-colonia.webp

104.21.50.199

200 OK

13 kB

URL HTTP/1.1
abspet.com.br/img/home/img-linha-deo-colonia.webp
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
13 kB (13180 bytes)
Hash
b7e601a5ae333307638b56a66d3ae648
9c90625f3ec64fc139e025ece4e21b40e6d256ac
031ea8bac5373770e2e3d5cafc916463cae8f96ffe476f65e657155b410bc74f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/home/img-linha-deo-colonia.webp HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: image/webp
Content-Length: 13180
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:51 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhMwpPGic1grU0odtE7jOly7SoqgmWgEhwcmKL45cQgOPzLrv7d2j6THWM3YUsSm0L6b7oBVPiSo4pADnNmrlM2MxnyxHFunnOaXJsmYY49WitHWzgO%2BbcknItwhO4h7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722889470af6-OSL
alt-svc: h2=":443"; ma=60

abspet.com.br/img/home/img-linha-shampoo.webp

104.21.50.199

200 OK

9.3 kB

URL HTTP/1.1
abspet.com.br/img/home/img-linha-shampoo.webp
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
9.3 kB (9336 bytes)
Hash
996c35602b299ef5fa978de9263b1696
cfd04c3efcccee86ac72b7378dbf59a8a1baf78b
ade533faa81a20e56123610c7257c683ba65b90314e34a7cb9e0b805d19e1c92

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/home/img-linha-shampoo.webp HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: image/webp
Content-Length: 9336
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:51 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLaIdie0d4SXYG20JEm3Nzif9Gg5aya3iWBwNcNuRZWa8OwlU4BOJ1xa4DtcLQ4rc9Y1h9elMCj%2Fu29Kj%2FhLxDSlvLNFRY4dsemQ1IrhUo24Opv3IX0TKRBEjh4CsTj0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f772288d0bb50c-OSL
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

35.163.1.35

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.1.35:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YmDvUCDTSg4U/vJr6BFsgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: F0nkfWBH9v3kYjBkvGo0d47wchg=

abspet.com.br/img/home/emporiopet.svg

104.21.50.199

200 OK

13 kB

URL HTTP/1.1
abspet.com.br/img/home/emporiopet.svg
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (18517), with no line terminators
Size
13 kB (13391 bytes)
Hash
83fc0e1d4a65aece2e77013d68c45867
1584f2179c2f06c31887b156a0bc5c1181fbf73f
59ddb1a6a83340e833d2850cb2454a2d30a86f3c146b35e8ac7c7a682bd825a7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/home/emporiopet.svg HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:50 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBKMrAw0oJO9S4SyLikXqsoyeSIfORYsmLqqIuM%2BYvx%2F8WgK5%2Bw8efhWM9Nl8JpPnZ8y3UqzS2ZYoALevCOwro9lV3IMDXlfl9sWQ%2F1SHet47bzwtbYe%2FFzW7vR4N7PY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722889010b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

region1.google-analytics.com/g/collect?v=2&tid=G-0QCSE253SC&gtm=2oeb90&_p=1487445146&cid=546262770.1669348496&ul=en-us&sr=1280x1024&_s=1&sid=1669348496&sct=1&seg=0&dl=http%3A%2F%2Fabspet.com.br%2F&dt=ABS%20Pet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-0QCSE253SC&gtm=2oeb90&_p=1487445146&cid=546262770.1669348496&ul=en-us&sr=1280x1024&_s=1&sid=1669348496&sct=1&seg=0&dl=http%3A%2F%2Fabspet.com.br%2F&dt=ABS%20Pet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-0QCSE253SC&gtm=2oeb90&_p=1487445146&cid=546262770.1669348496&ul=en-us&sr=1280x1024&_s=1&sid=1669348496&sct=1&seg=0&dl=http%3A%2F%2Fabspet.com.br%2F&dt=ABS%20Pet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://abspet.com.br
Connection: keep-alive
Referer: http://abspet.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://abspet.com.br
date: Fri, 25 Nov 2022 03:54:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

abspet.com.br/img/home/lui-abspet-home.webp

104.21.50.199

200 OK

44 kB

URL HTTP/1.1
abspet.com.br/img/home/lui-abspet-home.webp
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
44 kB (43678 bytes)
Hash
f75424992af84123a1a9c81550cc2b83
08bbb32fb488287bf06e98bddebc82d9bb6aeae5
f8c3a48b1377347a46b1988f3e4976da54053dd5786e0eb65383053c025b500c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/home/lui-abspet-home.webp HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: image/webp
Content-Length: 43678
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:52 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iY3p%2FHzasY4aqQMarLIhGpcGFKkbAqnS%2Fe%2Fg4ffukfLiYfv6A8aNmTDCEPkFwDJP2a7%2BEWT5iasCmS9gUIx1MX4DZKKvrsu%2FricOrjAaQW1rc280ng5hlZGvG7SMjF1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722888a8b521-OSL
alt-svc: h2=":443"; ma=60

abspet.com.br/css/style.css

104.21.50.199

200 OK

4.1 kB

URL HTTP/1.1
abspet.com.br/css/style.css
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text
Size
4.1 kB (4145 bytes)
Hash
120af8005b7b620a68264ca9dddfe42a
07a0f8f3e80d640c683c68f281c8a7af7d782a6d
8878e4ce8e267511779e47994d241f3127bb90e637b99881d98fd5470bc32b83

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: text/css
Content-Length: 4145
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W09oE7zMpbdCIHLKCcqFf%2FGc9us%2FIreBVTXDAbhTeCzD612Y%2BTYDUDfXClIOhLT52kImhG35CvnVwOulCrJcT0%2FU%2BO8K5T%2FWItXp4C9235sJZ5Thdg3%2ByWmycc5I6Bi8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f7722a8b8db517-OSL
alt-svc: h2=":443"; ma=60

abspet.com.br/img/home/img-abs-parceiros.webp

104.21.50.199

200 OK

117 kB

URL HTTP/1.1
abspet.com.br/img/home/img-abs-parceiros.webp
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
117 kB (117240 bytes)
Hash
626e02161cbfd84733dd5728591ed6bb
37fb7f70b672c36c7feb06e25b40e14095cd9b3b
d718363a53446a20dabc23771824457608cfdeab5305cb89e749995f90e310b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/home/img-abs-parceiros.webp HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: image/webp
Content-Length: 117240
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:51 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v32GDy5hTRZCm02XTKNJHBUG25TzT64TNp1oP7%2BEctsYB3nwJFD4kG0FA7yOzwnMOkwRqJzEsU8PmqC2hql3vyXNfC5QfiF2sQjwIwLsryUOA6KhukACZn7o%2FNG%2FiFzI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f772288facb4f7-OSL
alt-svc: h2=":443"; ma=60

abspet.com.br/img/home/img-hidratacao-e-finalizadores.webp

104.21.50.199

200 OK

13 kB

URL HTTP/1.1
abspet.com.br/img/home/img-hidratacao-e-finalizadores.webp
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
13 kB (12884 bytes)
Hash
7ca4210b6899531c67d16d45599a9c36
97a88cddddd4f37c57109c9c3853950e98c9da9c
4b8e1ea7f2f2e0ed8f0d555fe6311c1009d831d9497c19a965ae54612c235051

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/home/img-hidratacao-e-finalizadores.webp HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: image/webp
Content-Length: 12884
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:51 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2B3GDguCiUVfLTbaxvpUDf9gxQz%2BDf7emmzJUm4XP%2F5%2BmKr%2FMc73eLbRQrgqfATzJ8%2FyydyKyJcwG44NxhtehX47Jg6fj5p2DljRrK42KpiouQSqu3467svO1ltyZHLX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722caa20b521-OSL
alt-svc: h2=":443"; ma=60

abspet.com.br/img/footer2.svg

104.21.50.199

200 OK

508 B

URL HTTP/1.1
abspet.com.br/img/footer2.svg
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1192), with no line terminators
Size
508 B (508 bytes)
Hash
6a487d5821a340c33bc146777f4e43ac
5ef4f91199af43620a5420c3d7f10fff80b7a1e9
19e5d095aaef526e900147ec6fcff9b03168a088ecfcad09e17d9248a33558e3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/footer2.svg HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/css/style.css
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:49 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVMo5bEDg1QSC9rOiBOMM3rSJsXcelc5AhEKk%2BS7Kmv22w7MnCYEokiIVJQy7l7zfY41ZNISgdD2fM5BaBA8tJR42GXsqkC2Gu3gvshmEnKhErmvPOSbTLtyIaCjWSHg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722cbe53b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

abspet.com.br/img/home/noseLeft.svg

104.21.50.199

200 OK

373 B

URL HTTP/1.1
abspet.com.br/img/home/noseLeft.svg
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (632), with no line terminators
Size
373 B (373 bytes)
Hash
7adbf4a260e546f702248363e22d0a86
b435d6b0addfa61cc0cadf934c7298bba4dfb887
cf91c047a42b583c927ed6efd8843583c60d1445a122bcad4ffaf4210df792c6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/home/noseLeft.svg HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:57 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:52 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqsv2SxIZjD1QaNJFZngyezk7DpEMhyyEmvIqMnBmo7OjwOSiVqT0Yl0lo1TcMyHVAhGhPzbax1jizO%2B%2BKkyGQrGeRXRinCTFoFgQbf9fMUFR4A8SCH9XGqCikOj%2BFNo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722cb9b90b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

abspet.com.br/fonts/Poppins-Medium.woff2

104.21.50.199

200 OK

52 kB

URL HTTP/1.1
abspet.com.br/fonts/Poppins-Medium.woff2
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 51692, version 1.0\012- data
Size
52 kB (51692 bytes)
Hash
65c572e4509bc7a1db10d9404adf0522
8302b644db3357ea8539084cca0b677872eb35db
9b9b4a38274692e80c411778f0287d1cedf9d1a92753f1073e6074b34fec8a4e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /fonts/Poppins-Medium.woff2 HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://abspet.com.br/css/style.css
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:58 GMT
Content-Type: font/woff2
Content-Length: 51692
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:42 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm5Ag4E3Be%2BbrV9sqxfn%2BeERHV7OuRdZfSkGnplRd0x5f0cgbV%2Fdwbr9Bwb0EVpvQcE5XYD8C%2BxRIIRKqD0AnxdeK52F7QxBkSfBxDKsZAGPY%2BiRV7rhkWlklqoo9Vy5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722eab2cb521-OSL
alt-svc: h2=":443"; ma=60

abspet.com.br/fonts/Poppins-Regular.woff2

104.21.50.199

200 OK

52 kB

URL HTTP/1.1
abspet.com.br/fonts/Poppins-Regular.woff2
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 52456, version 1.0\012- data
Size
52 kB (52456 bytes)
Hash
abed1cb7ce7794b656c39076aaca6970
216a0f4fbf165aac8e3782de754e25a94aec9071
efb99a75559353bdd76adff36eb32002df26da19e4a8e46a240b29f3fb02d39b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /fonts/Poppins-Regular.woff2 HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://abspet.com.br/css/style.css
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:58 GMT
Content-Type: font/woff2
Content-Length: 52456
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:44 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kx%2FqmgEFQmplTQAJHm2BfHARQ6fT%2B4DqL%2FK%2FjnPxvwQ2hbV6snSh0Ffdl%2Bv2g81QA9MBeTG1QZr%2BK%2Fwr02erI9aMegvhnGZeqFuIU%2BvKMYPkksU%2BZhKoJF4Irhg90HxV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722cbc7eb517-OSL
alt-svc: h2=":443"; ma=60

abspet.com.br/fonts/Poppins-Bold.woff2

104.21.50.199

200 OK

52 kB

URL HTTP/1.1
abspet.com.br/fonts/Poppins-Bold.woff2
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 51800, version 1.0\012- data
Size
52 kB (51800 bytes)
Hash
38a67be189c58dfc5367a081b54ebcc8
2238c989f17cbc2b0bb0941d2ad1433b27fb1867
d83ab9cc7335a68b7e86a1aeebf6626ea6027c63d28d898bf66aaaf43d3197a3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /fonts/Poppins-Bold.woff2 HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://abspet.com.br/css/style.css
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:58 GMT
Content-Type: font/woff2
Content-Length: 51800
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:38 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrJsksSVMhImqKcw91j7ZaNYMw5XuUiDGWpMHsMCMitONaJey2CbUB8mQdR8ZS00axykCpnlRMYAPWdJP04eDR%2FnjmZj7QHhTa2N2YNoQNTu5WgCIRBdW5COh4M%2Fomdk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722ccb770af6-OSL
alt-svc: h2=":443"; ma=60

abspet.com.br/fonts/Poppins-Light.woff2

104.21.50.199

200 OK

52 kB

URL HTTP/1.1
abspet.com.br/fonts/Poppins-Light.woff2
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 52316, version 1.0\012- data
Size
52 kB (52316 bytes)
Hash
88f768813ed8860ae2b7b1337fb459d4
32fe2c7e51cd05140282b91b972e239339d45f2d
fb1ca56684a87b209f611ce83431f6e79b38fa48191074f3a4dba5962798db06

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /fonts/Poppins-Light.woff2 HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://abspet.com.br/css/style.css
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:58 GMT
Content-Type: font/woff2
Content-Length: 52316
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:40 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4KCmB4AB4wLNIe%2BPf%2BPPCVta3RbWYLuLGvc0EbQethhUcXCW2QGAhuljxFW5izzWrgIKc2Io%2FMscXPHNlAGsYV4Isr1LiwKWN4snt%2F7jJ96%2FvOaz4XjaOhY2OKkBao5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722d898ab4f7-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1291
Cache-Control: max-age=91984
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:54:58 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 05:28:02 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://abspet.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Qu8OVRtCDfcu+N0HgZUkxURulwKzqubpx1oQGFq0KwA8GanMDVb4wBT3VIWR5XTntEjBWhqf+baVXVPzeMKmIA==
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 03:54:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1291
Cache-Control: max-age=91984
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:54:58 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 05:28:02 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

abspet.com.br/fonts/Poppins-SemiBold.woff2

104.21.50.199

200 OK

52 kB

URL HTTP/1.1
abspet.com.br/fonts/Poppins-SemiBold.woff2
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 52404, version 1.0\012- data
Size
52 kB (52404 bytes)
Hash
432e06a396ea3943aa2755e0c771ed4d
af71ad3fd87e022a3a478263aca52b584c7f949f
f5bbc8913d08cdcbfe526e3680418a1d4f881298a0fe9caa96242601c0f3f760

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /fonts/Poppins-SemiBold.woff2 HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://abspet.com.br/css/style.css
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:58 GMT
Content-Type: font/woff2
Content-Length: 52404
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:46 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWPrshI2PbPWpIHmQ7zg5xUll2%2B026ywRpBh9wVkfLdyr%2BoWnVpmhUoSZ0X3WM5N8C3gbvxzVW3AkEdaW6yPRj6TRdFAR8le3p%2BsL77EQrR7WbDqBMKxc2%2B9qwZxTtbm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7722ecef3b50c-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:54:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:54:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:54:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:54:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:54:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 74451
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6560 bytes)
Hash
9bc7c4877bfa24d0c1bbb774cd906af1
75d9a14e98ffba5a71a6f710be721b593338ffdc
b0e1d9af095632e6d75bc7606bccfb0c1903f5173696cefb7e36c3d34a98358e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6560
x-amzn-requestid: e8956a92-d016-41a2-99b4-631a6db3b8db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQzsFY3IAMF9iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e7d-2337148b0a824d134aaab9d7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:04:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dU517RkLcsPSCY7GMmqqe4ommRFNpp6CVw4rYEm06u8i3e6_M3FfaQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 10:48:48 GMT
age: 61570
etag: "75d9a14e98ffba5a71a6f710be721b593338ffdc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8277 bytes)
Hash
f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rIKW7gaK37mlbk_TUo63AH9-XDOoF3Z-5mGaeOkzmESFLJ3GHz60lA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:10 GMT
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
age: 22788
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11743 bytes)
Hash
8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 21613
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6590 bytes)
Hash
1adbf0cd373a4c06caa71eac14e1286c
236199a790f16dcf96dba80b9945836b37e3c2eb
767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6590
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8zGeAIAMF4HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zrf0qGRu_c3x7ZTku1R-I-z2a_AS1vyjO4tIqja0f9XgGxwv6lWviw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb"
content-type: image/jpeg
age: 22797
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10531 bytes)
Hash
c71b83b77af9bb19b3845048a3008b43
050da47a42e16a83c1d59419055961fe9f1f4cc0
cb36e84116edbaa02347bc53611a8318ac8284ac71346006cb95688a6a08f662

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10531
x-amzn-requestid: aa926e70-4b20-40ba-849d-50e96cab8bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICPAHoqoAMFXHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3f9-28cdb407069866236c99a0c7;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:36:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vfNXShGI5ZxOg8GVHCvI-6hGwZ-Vh-iVmO9YoCneZU05m8f3fiIl0w==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:38 GMT
age: 21620
etag: "050da47a42e16a83c1d59419055961fe9f1f4cc0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

abspet.com.br/img/icon/icon-192x192.png

104.21.50.199

200 OK

7.9 kB

URL HTTP/1.1
abspet.com.br/img/icon/icon-192x192.png
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
7.9 kB (7852 bytes)
Hash
e5ee5de88389a8ab6342ccf97c24704a
780d806050e79b9b11f4447d48586d0235c3bfff
a4c5a82c750e43f347d9e8fde2b372152c65ba4f6242072da352a1f466a65bad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/icon/icon-192x192.png HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:58 GMT
Content-Type: image/png
Content-Length: 7852
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:26:53 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ly%2FbSAa4WR2Ke7FRVLblKFkzM5FQGib7idrOtxN0xrKZTbiyIhDg2FRcBee8curSv1FZYdMrOfVVMHzw7t0vSUjkmBypmWtcQl9mu7HUvjwLRAG6kpgrjYI8NWJOdsUO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f772323b15b4f7-OSL
alt-svc: h2=":443"; ma=60

abspet.com.br/img/svg/favicon.svg

104.21.50.199

200 OK

393 B

URL HTTP/1.1
abspet.com.br/img/svg/favicon.svg
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (821), with no line terminators
Size
393 B (393 bytes)
Hash
2f6044247cf09ca6d4d70a728ceaade4
b43b7f0fbb81c4e540daed28872286a0aa95cf74
116d53bfbc10e7cca40d6f1fdc95ad9778dd6f54efbfbbceb9be51d1d258a6bd

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/svg/favicon.svg HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abspet.com.br/
Cookie: _ga_0QCSE253SC=GS1.1.1669348496.1.0.1669348496.0.0.0; _ga=GA1.1.546262770.1669348496

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:54:58 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 13:28:12 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pswDhyQA7uAOBzYtO9GjN6%2BMcZ5QUhRuMmhrHm5%2F4uESDIBi9Jrqj2q0by%2BcV%2FJUowBsV8mEDB9NQT0myXx034kmaIe5Git%2BPCOGIuRKX2jvpSvBgDf9S1zmzKgkJ1Nl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f772323ee6b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.facebook.com/tr/?id=1271284257057360&ev=PageView&dl=http%3A%2F%2Fabspet.com.br%2F&rl=&if=false&ts=1669348498244&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669348498243.554412224&it=1669348497907&coo=false&exp=c1&rqm=GET

157.240.200.35

200 OK

86 kB

URL HTTP/2
www.facebook.com/tr/?id=1271284257057360&ev=PageView&dl=http%3A%2F%2Fabspet.com.br%2F&rl=&if=false&ts=1669348498244&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669348498243.554412224&it=1669348497907&coo=false&exp=c1&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
86 kB (85978 bytes)
Hash
3f4baa4c450a74c33a7b0cc60fbbe20c
a5a7dbd1d568b75d37709b6448b64ad12330024c
824cce2b3ba7d67ca3e68eb2f0891a00ad2827bdb3c41277f18ddd2f3422ddc0

HTTP Headers

GET /tr/?id=1271284257057360&ev=PageView&dl=http%3A%2F%2Fabspet.com.br%2F&rl=&if=false&ts=1669348498244&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669348498243.554412224&it=1669348497907&coo=false&exp=c1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://abspet.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Nov 2022 03:54:58 GMT
X-Firefox-Spdy: h2

abspet.com.br/img/svg/logo-ABSPet.svg

104.21.50.199

200 OK

0 B

URL HTTP/2
abspet.com.br/img/svg/logo-ABSPet.svg
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/svg/logo-ABSPet.svg HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://abspet.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:54:56 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 13:28:12 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIvrkkQ8EAJu%2FTTsXtbWuEbY3jv7PDSDzGRiIW%2FAhAY8TVykuMPQ5lW6K8zwbz71u2rGIlh0OIEvKyIyu7LpfEpxo%2BnBlfwysUB9ISrFo%2B4A0pXIpOW%2F7NHvzE2EhbxU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77226aac5b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

abspet.com.br/img/svg/facebook.svg

104.21.50.199

200 OK

0 B

URL HTTP/2
abspet.com.br/img/svg/facebook.svg
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/svg/facebook.svg HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://abspet.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:54:56 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 13:28:12 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeUsG8GFaXC9OnupWDV%2BdJ68NP7ozaNNo6jj%2FO%2FKKGHvOofpacUXXk6XJtBoGU1h4tu56XpD7UCkNSmJRGF6lfFmy2zo5dN2QB0YERUHtv4JlAVhzhdaqyN%2FQECZ%2Fd1j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77226aac6b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

abspet.com.br/img/svg/instagram.svg

104.21.50.199

200 OK

0 B

URL HTTP/2
abspet.com.br/img/svg/instagram.svg
IP
104.21.50.199:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/svg/instagram.svg HTTP/1.1
Host: abspet.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://abspet.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:54:56 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 13:28:12 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HT08Ef6vHlQNx%2BwelUt1Bb5%2FxoqihSZDWaCW44y4Urr3gFEsyNPFa4F66B5phlLQ24VlAN9borMeax94w7J1dfs%2BP3NKncfVbim1O%2FqmuTJ7WC5%2FjeD2xMuAhQDKa0yv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77226aac7b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations