Report - saudesomnis.com.br/im/

Report Overview

Visited public
2023-12-08 06:38:24
Tags
URL
saudesomnis.com.br/im/
Finishing URL
saudesomnis.com.br/
IP / ASN
162.241.203.111
#46606 UNIFIEDLAYER-AS-1
Title
Somnis Saúde – Clínica especializada em realizar sonhos saudáveis através da Fisioterapia, Osteopatia, Gyrotonic, Pilates, RPG, Nutrição e Acupuntura!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

232

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aus5.mozilla.org	2548	1998-01-24	2015-10-27 08:06:24	2023-12-07 05:09:08	523 B	1.2 kB	35.244.181.201
ciscobinary.openh264.org	40822	2013-10-19	2014-10-07 07:43:56	2023-12-07 08:21:36	305 B	512 kB	62.115.252.115
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-07 07:59:33	3.3 kB	162 kB	216.58.207.227
snapwidget.com	52354	2011-10-09	2012-07-20 17:48:14	2023-12-07 08:56:15	5.3 kB	288 kB	104.26.8.123
scontent.cdnsnapwidget.com	140237	2018-05-22	2018-05-22 19:18:03	2023-11-30 06:45:46	17 kB	2.0 MB	172.67.71.109
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-07 08:07:58	435 B	275 kB	142.250.74.168
saudesomnis.com.br	unknown	unknown	2019-01-29 02:01:10	2022-12-06 18:58:32	28 kB	1.8 MB	162.241.203.111
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2023-12-07 08:02:22	504 B	7.2 kB	104.16.57.101
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-07 07:16:25	1.0 kB	84 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed
2023-12-08	medium	saudesomnis.com.br	Sinkholed

ThreatFox

No alerts detected

Files detected

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.115
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

JavaScript (44)

	URL	From	Size	First Seen	Last Seen
	snapwidget.com/embed/545561	ScriptElement	666 B	2023-03-07	2025-05-10
Pretty URL snapwidget.com/embed/545561 IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-05-10 07:37 Times Seen137 Hash 001ae66981ad12cc006002c553c23d72 cce33ac2f54b1c64602cb073aef091366ccae499 e70d708800c1b00add02f7c7a4343c56f43efad2df11b52008837dd5e787ce99 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 14:08 Times Seen341131 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	saudesomnis.com.br/	ScriptElement	2.2 kB	2023-12-08	2024-08-20
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen4 Hash 8886d787a2775af10fcc9ec35be708eb c54aa01eafb0e36249cff8f9aad2481285d0deec 87ac52928e969562b7c76a2a8e2e3cd142372cb540263d6412207f4531ee7774 Loading...

	snapwidget.com/js/embed.main.min.65b73ba9362828bd.js	ScriptElement	3.1 kB	2023-03-14	2025-05-10
Pretty URL snapwidget.com/js/embed.main.min.65b73ba9362828bd.js IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 04:07 Last Seen2025-05-10 07:37 Times Seen144 Hash 65b73ba9362828bdcdb610040303ff6c d742460cc0f9afed03d6d0d666c22b05cfb34725 afa5120ec9d40721c773d23041f6cefe9e1894c9a8d7387b1cbd3d8e60a2ffc5 Loading...

	saudesomnis.com.br/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=27.2.9.4	ScriptElement	53 kB	2023-03-07	2025-05-09
Pretty URL saudesomnis.com.br/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=27.2.9.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 21:51 Times Seen962 Hash 0ba3e2243f42575817b07fcadacf8269 50ed3259514f428897730c9d429974bdc72eb988 6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511 Loading...

	saudesomnis.com.br/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=27.2.9.4	ScriptElement	1.5 kB	2023-03-08	2025-05-09
Pretty URL saudesomnis.com.br/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=27.2.9.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30 Last Seen2025-05-09 17:00 Times Seen740 Hash 78a582571f88d7d9d7443423712e80b2 53b9b049da924b291c9bc7f988ebb46f6a9cc227 c24a7908e8bccfb36947de91ab342f33f1c966b31f50ed1fb83d9d8b3d579a1f Loading...

	snapwidget.com/embed/545561	ScriptElement	221 B	2023-03-14	2025-05-10
Pretty URL snapwidget.com/embed/545561 IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 04:07 Last Seen2025-05-10 07:37 Times Seen138 Hash 25a2ca43e74b0c97d6ce455ff5dee1e6 77e243c3bb9159f48b289722dab0441a8185e77d 9b054eb5f43a73cf0d95ee8c95b238fec734705e72765a2b11700a13ae6b21e0 Loading...

	snapwidget.com/node_modules/jquery/dist/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-11
Pretty URL snapwidget.com/node_modules/jquery/dist/jquery.min.js IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:56 Times Seen7495 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

	saudesomnis.com.br/	ScriptElement	2.3 kB	2023-03-07	2025-05-11
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:10 Last Seen2025-05-11 11:03 Times Seen8951 Hash f0bef95e258d5b84f82c5d4e29252176 eac5936c555c039bc38816d0916e13c0b364d797 a6c3ffec54ef5f2ca033b1fcdf84e1feac93437a3d8d4439667e9276ca2a9836 Loading...

	saudesomnis.com.br/	ScriptElement	446 B	2023-12-08	2024-08-20
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen4 Hash baa5f3e09741e4ffb1114d9ca7bd2d40 8e068c1787e078623da63b0123ac44dd0201cb2b 77b0d1f7b5c782c8646619659d556c440c23aa11fc11510d8d7513025f05b92f Loading...

	snapwidget.com/embed/545561	ScriptElement	56 B	2023-03-07	2025-05-10
Pretty URL snapwidget.com/embed/545561 IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-05-10 07:37 Times Seen141 Hash df59ba47c96641e082c650c592e45f82 4cdaf0ec07d583bfcd8cba673290dedf63572a1f ec85b19cd6b456197fb68b735befd4093c2d15a831866fb3b195fd115ad92072 Loading...

	www.googletagmanager.com/gtag/js?id=G-E8WQDE3S74	ScriptElement	274 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-E8WQDE3S74 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 07:38 Last Seen2023-12-08 07:38 Times Seen1 Hash 51581ade28ef8bdb24eeb958f45ac62d e4e4f31a5813f45d924a796d7ea03d8dcb9f2a96 f2082699c1773631234afb53a9cff6888cd1ce9a4cdd7a7106eae07c88d12cf5 Loading...

	saudesomnis.com.br/	ScriptElement	445 B	2023-12-08	2024-08-20
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen4 Hash 18ea0897e346c07cb3110d474cac9938 146fc2fe613cf0787ef156b38cb5f964b31db416 39e8d770aa21f775d4e9f9af55292ba896384955c8e8e0924d19b3593cd59cdf Loading...

	saudesomnis.com.br/	ScriptElement	445 B	2023-12-08	2024-08-20
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen4 Hash ebb4af2d219bac8db04b2d0de694599f 499d306b617b172c9f3286d71e17dbc7fb8f0f55 d359edd26fdb2d43f495f46b49808fc00a04072226ee56301f1d3bfa15504ed5 Loading...

	saudesomnis.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	ScriptElement	21 kB	2023-03-08	2025-05-07
Pretty URL saudesomnis.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21 Last Seen2025-05-07 22:57 Times Seen1859 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	saudesomnis.com.br/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2	ScriptElement	12 kB	2023-03-08	2025-05-09
Pretty URL saudesomnis.com.br/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23 Last Seen2025-05-09 21:51 Times Seen2408 Hash 88407dc30b83ffa7dd834fe4a35307b7 857a3a007e5ea8d88123bb47019606618e19eb77 6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7 Loading...

	snapwidget.com/js/vendor/vjslider.min.4d30fbdabde8231b.js	ScriptElement	4.8 kB	2023-03-07	2025-01-20
Pretty URL snapwidget.com/js/vendor/vjslider.min.4d30fbdabde8231b.js IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:35 Last Seen2025-01-20 03:38 Times Seen16 Hash 4d30fbdabde8231bded0e3ae86f269cc c4e60d206b9526cbda55e9e341473a24176a7890 823662f83b894a3a8eaa3864e5a7c3d0eb75e1a6ecdfe12dc37461a9a5beaeca Loading...

	snapwidget.com/embed/545561	ScriptElement	214 B	2023-03-07	2025-05-10
Pretty URL snapwidget.com/embed/545561 IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-05-10 07:37 Times Seen141 Hash 2431f0ee11b5def8207a840d8c616a8e 6630c691b35629175fcf2578a74e3c03f63e8c2f 77807172a86afdf75578d9c163ee30b74435edde8ef96d41d2c2ba4fa39505a3 Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	ScriptElement	20 kB	2023-10-13	2025-05-09
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51 Last Seen2025-05-09 13:23 Times Seen17152 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	saudesomnis.com.br/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL saudesomnis.com.br/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 14:08 Times Seen341932 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	saudesomnis.com.br/	ScriptElement	332 B	2023-03-07	2025-05-10
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 22:49 Times Seen11582 Hash 7d495bb1d6c246a2d57df3ab9332a3cc 6367d4f8addf48f2af1023b8176a2263bb424d01 df09a4f39d495e901a5479fce56c8ddec4f8a6acda1b3ceab7adc704fa439e32 Loading...

	saudesomnis.com.br/	ScriptElement	493 B	2023-03-07	2025-05-11
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-11 06:05 Times Seen4633 Hash f73f3cc147a181d5955eaba113c1c122 07a5ef5a63d37a99d17986786d75bdcb3cda6409 5aab3a40376dc0dffe15b2882b50d298e6c877683a4f25ddfcf77fbd16d47b56 Loading...

	saudesomnis.com.br/	ScriptElement	253 B	2023-03-07	2025-04-15
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:18 Last Seen2025-04-15 04:44 Times Seen9 Hash 7b03c687876d5cbf189bf181fd04a7c1 028b37c48a2d37948c2226c4bec1ad1e7acca32e 35f5428c72080b83ba19f14f677d99e7ff29a3365bfada213947f5f0befcc6d5 Loading...

	snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js	ScriptElement	2.5 kB	2023-03-07	2025-05-10
Pretty URL snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24 Last Seen2025-05-10 07:37 Times Seen144 Hash 2f17f0b14ee46c5adcbf1c9950a83f0c bdee0cea60eea9f836578a9e25a0751cac967517 21a2e6c484de0c29d96ec0ac407ee0603dfd95741951506ed7a1bcbc6a6db4bc Loading...

	saudesomnis.com.br/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/js/app.js?ver=1.7.4	ScriptElement	3.0 kB	2023-03-07	2023-12-13
Pretty URL saudesomnis.com.br/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/js/app.js?ver=1.7.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18 Last Seen2023-12-13 23:48 Times Seen6 Hash 64ec20f56edf9a1103ba1af90aaa0561 889ec7005e6628da62980fe28f0fe0b339248961 56d15d81a6c226086c62f73192c074293594818496cf638fa5397ba1040d523e Loading...

	saudesomnis.com.br/wp-content/themes/betheme/js/menu.js?ver=27.2.9.4	ScriptElement	2.9 kB	2023-03-07	2025-05-09
Pretty URL saudesomnis.com.br/wp-content/themes/betheme/js/menu.js?ver=27.2.9.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26 Last Seen2025-05-09 17:00 Times Seen662 Hash 9273afb5226060534f29e2efad7eaa80 3ae8aad16159330a39a83e1068273214a4eecd01 e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f Loading...

	saudesomnis.com.br/wp-content/themes/betheme/js/scripts.js?ver=27.2.9.4	ScriptElement	146 kB	2023-11-02	2024-08-20
Pretty URL saudesomnis.com.br/wp-content/themes/betheme/js/scripts.js?ver=27.2.9.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 21:10 Last Seen2024-08-20 21:21 Times Seen31 Hash 3cc900f4fdadbeedd2a0b6723cd54865 512f64c8195c77d6be1c178c8248a565855fd8ca 71f85524f5cafbd01e1e7d68a2822125bae9b7643b1457015e3e6b7dc0d357bf Loading...

	saudesomnis.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.18	ScriptElement	165 kB	2023-03-08	2025-05-11
Pretty URL saudesomnis.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.18 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:50 Last Seen2025-05-11 11:03 Times Seen5389 Hash 0a7176e860c4303f557950b75fb8a898 c292eb1b902ed06fccd65a684d6b311e1290caa9 c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094 Loading...

	snapwidget.com/embed/545561	ScriptElement	781 B	2023-03-14	2025-05-10
Pretty URL snapwidget.com/embed/545561 IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 04:07 Last Seen2025-05-10 07:37 Times Seen141 Hash b387197dfa1f8b8da5d327bb67366375 c8902a7bb1648b2fa26d5c15fc6cff30d03152f0 b1a3c4ce3dc5418fbc97ce22f05b8f554a2a413bc60fa8f70df806a12fd6350d Loading...

	saudesomnis.com.br/	ScriptElement	158 B	2023-12-08	2024-08-20
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen4 Hash d52595ac0e4b3c258c34d45efe988c37 002220dbdda005e310dd01465b2a41b052105f11 1854cc222daae1deb61f066f6260e8390e1c3f666db2df64280bcd78f4dd6ea5 Loading...

	saudesomnis.com.br/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=27.2.9.4	ScriptElement	472 B	2023-03-08	2025-05-09
Pretty URL saudesomnis.com.br/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=27.2.9.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30 Last Seen2025-05-09 17:00 Times Seen741 Hash 6cbc17c595baec9068f58eef5f001410 3a1b22a742cf6b54c47d639c06351d1b3121acd9 7c5a0e187e68ccbf13dafd079e2c46c7917cc60b6959e5a881da324958f34d92 Loading...

	saudesomnis.com.br/	ScriptElement	647 B	2023-12-08	2024-08-20
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen3 Hash 4dd510049d9e506f25d83b3d5b699c26 318c2af27c3fabc3e1422abdab62c1dbf837dc9a 86bc63469a0298e761f99d6a17f89567742c49beb88a0f6f75bf66cfe9668207 Loading...

	saudesomnis.com.br/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=27.2.9.4	ScriptElement	20 kB	2023-03-08	2025-05-09
Pretty URL saudesomnis.com.br/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=27.2.9.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30 Last Seen2025-05-09 17:00 Times Seen739 Hash 292bcdf90948053977b80f167878eb64 c22cf9127f7ac360c63d9787648498687d4fe26a 82705acbecdd84306ce33e08f576eca6a688896895e6e48d1c36a4071fcba14e Loading...

	saudesomnis.com.br/wp-content/themes/betheme/js/plugins/visible.min.js?ver=27.2.9.4	ScriptElement	608 B	2023-03-08	2025-05-09
Pretty URL saudesomnis.com.br/wp-content/themes/betheme/js/plugins/visible.min.js?ver=27.2.9.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30 Last Seen2025-05-09 17:00 Times Seen742 Hash 5d4ae3c17238c7d37f7bb54f61632cc6 64819d2b67c84697489945bcbebb587bdb08aedc 8ecf312a51fd23a6d2258191745ab900d7f393a4633515e0df6305cde42b1a3a Loading...

	saudesomnis.com.br/wp-content/themes/betheme/js/parallax/translate3d.js?ver=27.2.9.4	ScriptElement	4.0 kB	2023-03-13	2025-05-07
Pretty URL saudesomnis.com.br/wp-content/themes/betheme/js/parallax/translate3d.js?ver=27.2.9.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:54 Last Seen2025-05-07 21:30 Times Seen320 Hash 8deff7985db0ab5eeeb88c9039438c61 631008039e2d67299ca555589b719cfbf273ed39 19906e9585e0f90c005878ee2c63fcd8d1ed933a0ef6bea16bb1a2226b075b40 Loading...

	snapwidget.com/embed/545561	ScriptElement	215 B	2023-03-07	2025-05-10
Pretty URL snapwidget.com/embed/545561 IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-05-10 07:37 Times Seen130 Hash f5ad787e6a1676891081d022a3c843b6 54a27a03b86a484a9d2e6bde0e0ecd9c12653f1a 384017f1de4b1fe7d3d1ab2c7b5e084a7a5b56629d575ae29cd24059e6036b6f Loading...

	snapwidget.com/embed/545561	ScriptElement	1.6 kB	2023-12-08	2024-08-20
Pretty URL snapwidget.com/embed/545561 IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen4 Hash ba3403e6055261b24683b14c48c33198 94654b4858e72275b4f151199380856bbabae249 995c5c9263ad325b43aa06bd0cd57cec07a0e214e93360af9f1d7f086573f87c Loading...

	saudesomnis.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.4	ScriptElement	19 kB	2023-03-07	2025-05-11
Pretty URL saudesomnis.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 09:54 Times Seen7668 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	saudesomnis.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.18	ScriptElement	410 kB	2023-10-26	2025-05-11
Pretty URL saudesomnis.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.18 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 00:41 Last Seen2025-05-11 11:03 Times Seen497 Hash 0e4ee1e57cfb5ed34b74d82e847ce797 a9358089dd645dfb6fb3e060bdf50c26c160d5fa 44350f3c434ddd70b17e6b0f49398c24efa091ab58e1ab12700acd15962f4374 Loading...

	saudesomnis.com.br/wp-content/themes/betheme/assets/animations/animations.min.js?ver=27.2.9.4	ScriptElement	1.8 kB	2023-03-13	2025-05-09
Pretty URL saudesomnis.com.br/wp-content/themes/betheme/assets/animations/animations.min.js?ver=27.2.9.4 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:58 Last Seen2025-05-09 17:00 Times Seen689 Hash 2fcd6f71a7127832a97b771a9fe5482b 61643e25a6fc0b2b5cd3315d100970053db45d20 aeae8ba7d9c8ee997a8ddb5f5ec82381ed7851b750e4d1f466a1f19fad7a8462 Loading...

	saudesomnis.com.br/	ScriptElement	5.8 kB	2023-12-08	2024-08-20
Pretty URL saudesomnis.com.br/ IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 07:38 Last Seen2024-08-20 16:23 Times Seen3 Hash 128f2a91a6150c5af977d4e1fcd43a8f 031a003f4debf0467e501a04c722f803c4dae850 1bc9dfe2c8f6ed599a8c09bb72578d1d7cbd1381eb77d7ab0ccb2e6c6d847324 Loading...

	snapwidget.com/embed/545561	ScriptElement	914 B	2023-09-01	2024-08-21
Pretty URL snapwidget.com/embed/545561 IP 104.26.8.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-01 03:39 Last Seen2024-08-21 07:40 Times Seen73 Hash f5e72bc7e52c936528f8a3c592e69cc0 bc8eb2fdc23d5e1cc5cdf1e40cff96965ba8ddf6 6ecec9b173440553e46f59492a14c61e83af4bb0b5fd905260c296bd50223d7a Loading...

	saudesomnis.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	ScriptElement	90 kB	2023-03-08	2025-05-11
Pretty URL saudesomnis.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21 Last Seen2025-05-11 10:44 Times Seen6184 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	saudesomnis.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	ScriptElement	11 kB	2023-03-07	2025-05-11
Pretty URL saudesomnis.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 162.241.203.111 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:37 Times Seen21832 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

HTTP Transactions (111)

URL IP Response Size

saudesomnis.com.br/im/

162.241.203.111

302 Found

0 B

URL User Request GET HTTP/2
saudesomnis.com.br/im/
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /im/ HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: no-store
vary: Accept-Encoding
location: /
referrer-policy: 
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 06:38:02 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/

162.241.203.111

200 OK

44 kB

URL User Request GET HTTP/2
saudesomnis.com.br/
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (49929)
Size
44 kB (43644 bytes)
Hash
6fc3d17e82b5711dc19b28ee5a493b50
ece971d2f0de2d6147036b6070b485befd264249
5e971cd3e05949965f47e5f82eb96494aaa1111690eaa490d46ed9796d967ce8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 06:38:04 GMT
Server: Apache
Link: <http://saudesomnis.com.br/wp-json/>; rel="https://api.w.org/", <http://saudesomnis.com.br/wp-json/wp/v2/pages/76>; rel="alternate"; type="application/json", <http://saudesomnis.com.br/>; rel=shortlink
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Referrer-Policy: 
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

saudesomnis.com.br/wp-includes/css/classic-themes.min.css?ver=1

162.241.203.111

200 OK

189 B

URL GET HTTP/2
saudesomnis.com.br/wp-includes/css/classic-themes.min.css?ver=1
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text
Size
189 B (189 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:04 GMT
content-encoding: gzip
referrer-policy: 
content-length: 189
content-type: text/css
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/css/mainstyles.css?ver=1.7.4

162.241.203.111

200 OK

1.4 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/css/mainstyles.css?ver=1.7.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text
Size
1.4 kB (1380 bytes)
Hash
04d628d7fec988ec6adfcf3966e04e93
fac807895445c7d8b60be8a90851170c4f1c8d72
38f8ef6cfe25368397981d3a693db962095b8cbd7ba2fc1058dafe12e37a68db

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/css/mainstyles.css?ver=1.7.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 11 Mar 2020 20:19:54 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:04 GMT
content-encoding: gzip
referrer-policy: 
content-length: 1380
content-type: text/css
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/assets/animations/animations.min.css?ver=27.2.9.4

162.241.203.111

200 OK

6.8 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/assets/animations/animations.min.css?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (59452)
Size
6.8 kB (6813 bytes)
Hash
c22fb0dd757e1ced807273954f147634
396bb656bce997192a6e73f75d678b754d9ebc66
622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:04 GMT
content-encoding: gzip
referrer-policy: 
content-length: 6813
content-type: text/css
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=27.2.9.4

162.241.203.111

200 OK

13 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (364)
Size
13 kB (12837 bytes)
Hash
3b513906d04338606636721da3de2937
9574fdf8c6b90b1d140ab4892095844512f4fcca
6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:04 GMT
content-encoding: gzip
referrer-policy: 
content-length: 12837
content-type: text/css
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=27.2.9.4

162.241.203.111

200 OK

2.7 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (6505)
Size
2.7 kB (2733 bytes)
Hash
f81285dcfbad6bcd0ecfa031da4222ee
e285b4e561d9430bbcd567c04eef43a72eee691f
10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:04 GMT
content-encoding: gzip
referrer-policy: 
content-length: 2733
content-type: text/css
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/css/responsive.css?ver=27.2.9.4

162.241.203.111

200 OK

18 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/css/responsive.css?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (612)
Size
18 kB (17812 bytes)
Hash
7a7a97bc8d7275163679b7ac815cae14
5a1b6ab57b1ac97247349c71b988533e9d6fbd95
e56f2bfdcf33c7b2d67dedc2f708a86d93c00fec24fd8bdbf147758c2e38805a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/css/responsive.css?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 30 Oct 2023 15:45:44 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:04 GMT
content-encoding: gzip
referrer-policy: 
content-length: 17812
content-type: text/css
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

162.241.203.111

200 OK

4.6 kB

URL GET HTTP/2
saudesomnis.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 4618
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/js/app.js?ver=1.7.4

162.241.203.111

200 OK

948 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/js/app.js?ver=1.7.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text
Size
948 B (948 bytes)
Hash
64ec20f56edf9a1103ba1af90aaa0561
889ec7005e6628da62980fe28f0fe0b339248961
56d15d81a6c226086c62f73192c074293594818496cf638fa5397ba1040d523e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/js/app.js?ver=1.7.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 11 Mar 2020 20:19:54 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 948
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

162.241.203.111

200 OK

8.3 kB

URL GET HTTP/2
saudesomnis.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
8.3 kB (8344 bytes)
Hash
034bd11ecaf6fb9240d905245e42e202
ff136c394ed95badfc0107fb98a890dcff642828
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 8344
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/js/menu.js?ver=27.2.9.4

162.241.203.111

200 OK

1.1 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/js/menu.js?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text
Size
1.1 kB (1075 bytes)
Hash
9273afb5226060534f29e2efad7eaa80
3ae8aad16159330a39a83e1068273214a4eecd01
e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/menu.js?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 1075
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=27.2.9.4

162.241.203.111

200 OK

533 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (1432)
Size
533 B (533 bytes)
Hash
78a582571f88d7d9d7443423712e80b2
53b9b049da924b291c9bc7f988ebb46f6a9cc227
c24a7908e8bccfb36947de91ab342f33f1c966b31f50ed1fb83d9d8b3d579a1f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/plugins/enllax.min.js?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 533
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/js/plugins/visible.min.js?ver=27.2.9.4

162.241.203.111

200 OK

378 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/js/plugins/visible.min.js?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (480)
Size
378 B (378 bytes)
Hash
5d4ae3c17238c7d37f7bb54f61632cc6
64819d2b67c84697489945bcbebb587bdb08aedc
8ecf312a51fd23a6d2258191745ab900d7f393a4633515e0df6305cde42b1a3a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/plugins/visible.min.js?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 378
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/revslider/public/assets/assets/dummy.png

162.241.203.111

200 OK

68 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 23 Oct 2023 12:10:50 GMT
accept-ranges: bytes
content-length: 68
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/png
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=27.2.9.4

162.241.203.111

200 OK

297 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (350)
Size
297 B (297 bytes)
Hash
6cbc17c595baec9068f58eef5f001410
3a1b22a742cf6b54c47d639c06351d1b3121acd9
7c5a0e187e68ccbf13dafd079e2c46c7917cc60b6959e5a881da324958f34d92

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 297
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/assets/animations/animations.min.js?ver=27.2.9.4

162.241.203.111

200 OK

639 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/assets/animations/animations.min.js?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (1732)
Size
639 B (639 bytes)
Hash
2fcd6f71a7127832a97b771a9fe5482b
61643e25a6fc0b2b5cd3315d100970053db45d20
aeae8ba7d9c8ee997a8ddb5f5ec82381ed7851b750e4d1f466a1f19fad7a8462

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 639
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2

162.241.203.111

200 OK

4.8 kB

URL GET HTTP/2
saudesomnis.com.br/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (11760)
Size
4.8 kB (4757 bytes)
Hash
88407dc30b83ffa7dd834fe4a35307b7
857a3a007e5ea8d88123bb47019606618e19eb77
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 4757
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/img/whatsapp-logo-32x32.png

162.241.203.111

200 OK

1.1 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/img/whatsapp-logo-32x32.png
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1148 bytes)
Hash
247951a528f1c654c378b1cc02161528
e64a22682d119c5822b22202540bc515b6f7280d
e49970c0e24a6903f017792add41cc37f9a7b6b782c1bcca138351de51fffcf2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/img/whatsapp-logo-32x32.png HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 11 Mar 2020 20:19:54 GMT
accept-ranges: bytes
content-length: 1148
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/png
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.4

162.241.203.111

200 OK

5.3 kB

URL GET HTTP/2
saudesomnis.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (15660)
Size
5.3 kB (5321 bytes)
Hash
32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 5321
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888

162.241.203.111

200 OK

7.5 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Size
7.5 kB (7485 bytes)
Hash
04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saudesomnis.com.br/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 7485
content-type: application/font-woff
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/js/parallax/translate3d.js?ver=27.2.9.4

162.241.203.111

200 OK

1.4 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/js/parallax/translate3d.js?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text
Size
1.4 kB (1439 bytes)
Hash
8deff7985db0ab5eeeb88c9039438c61
631008039e2d67299ca555589b719cfbf273ed39
19906e9585e0f90c005878ee2c63fcd8d1ed933a0ef6bea16bb1a2226b075b40

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 1439
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.18

162.241.203.111

200 OK

17 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.18
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
Unicode text, UTF-8 text, with very long lines (12602)
Size
17 kB (16624 bytes)
Hash
08f3fa5cd7040c88c7ddf43deadde2a9
cd026e9a65b6c13b7140a87f2d550ecc165b1af2
d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.18 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 23 Oct 2023 12:10:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 16624
content-type: text/css
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=27.2.9.4

162.241.203.111

200 OK

17 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (634)
Size
17 kB (16751 bytes)
Hash
0ba3e2243f42575817b07fcadacf8269
50ed3259514f428897730c9d429974bdc72eb988
6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 16751
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=27.2.9.4

162.241.203.111

200 OK

9.2 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (20134)
Size
9.2 kB (9200 bytes)
Hash
292bcdf90948053977b80f167878eb64
c22cf9127f7ac360c63d9787648498687d4fe26a
82705acbecdd84306ce33e08f576eca6a688896895e6e48d1c36a4071fcba14e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 12:14:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-length: 9200
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7

162.241.203.111

409 Conflict

83 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/10/83004f_b871df1a4bd64c4d8fe18f0f8ff7d48e.png

162.241.203.111

200 OK

4.4 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/10/83004f_b871df1a4bd64c4d8fe18f0f8ff7d48e.png
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
PNG image data, 36 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4415 bytes)
Hash
587950e06a4652693efb901bff5264bd
9763ac2c8fb679add5c52bd5c3009bb530a3a83a
3a2341d3256061fea064b153fffe60a19f7d47a16b08df43f261b50eae333ed4

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/10/83004f_b871df1a4bd64c4d8fe18f0f8ff7d48e.png HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 10 Oct 2017 20:37:59 GMT
accept-ranges: bytes
content-length: 4415
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/png
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/10/Ativo-1.png

162.241.203.111

200 OK

8.0 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/10/Ativo-1.png
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
PNG image data, 521 x 300, 8-bit colormap, non-interlaced\012- data
Size
8.0 kB (8014 bytes)
Hash
c01c6cc4697e2f180f727d5935a30386
d384491c059fac1cc26dee41c842ad48681bf9dc
49f250c926c26355e97123e58b349af2cc68b7eb01b2ac89b0e2453f1aabb3d9

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/10/Ativo-1.png HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 19:11:34 GMT
accept-ranges: bytes
content-length: 8014
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/png
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7

162.241.203.111

409 Conflict

83 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://saudesomnis.com.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saudesomnis.com.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 23:21:56 GMT
expires: Fri, 06 Dec 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 26169
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://saudesomnis.com.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saudesomnis.com.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:33 GMT
expires: Fri, 06 Dec 2024 15:40:33 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 53852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://saudesomnis.com.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saudesomnis.com.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:49:49 GMT
expires: Fri, 06 Dec 2024 15:49:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 53296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

216.58.207.227

200 OK

34 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://saudesomnis.com.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34288, version 1.0\012- data
Size
34 kB (34288 bytes)
Hash
71221d6bf4204042b1bbc3902d08a81b
92a10d7982d33e1e216ee8e1aec79c3ae8bcb8b6
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

HTTP Headers

GET /s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saudesomnis.com.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 23:22:01 GMT
expires: Fri, 06 Dec 2024 23:22:01 GMT
cache-control: public, max-age=31536000
age: 26164
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://saudesomnis.com.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saudesomnis.com.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 23:21:56 GMT
expires: Fri, 06 Dec 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 26169
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4

162.241.203.111

200 OK

18 kB

URL GET HTTP/2
saudesomnis.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
gzip compressed data, from Unix\012- data
Size
18 kB (18169 bytes)
Hash
6d5091fbede46a09e32ba214322f346b
85b682de94af9eac59dcbb028f06307411c7068d
77c5f421fcbcabf839ee1cd8e92c738099b879355f07490443c87a842bd2c92b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 23 May 2023 19:59:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:04 GMT
content-encoding: gzip
referrer-policy: 
content-type: text/css
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/fonts/mfn/icons.woff2?77488472

162.241.203.111

200 OK

72 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/fonts/mfn/icons.woff2?77488472
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 72168, version 1.0\012- data
Size
72 kB (72168 bytes)
Hash
1efc5c4da909cb2a768f5c92f6dd0701
fa40cd9c0bed538020052fa5d566058a37cd57f9
5e27146b07a3a1b9a0c06e72d18ccc8a002b9eac83edcbc5afed5800ba4d398a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/fonts/mfn/icons.woff2?77488472 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/wp-content/themes/betheme/css/be.css?ver=27.2.9.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 72168
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
vary: Accept-Encoding
referrer-policy: 
content-type: application/font-woff2
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/convergence/v15/rax5HiePvdgXPmmMHcIPYShdu08.woff2

216.58.207.227

200 OK

9.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/convergence/v15/rax5HiePvdgXPmmMHcIPYShdu08.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://saudesomnis.com.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9476, version 1.0\012- data
Size
9.5 kB (9476 bytes)
Hash
04c967f6f0b6a812ad0c9f4bc1470a42
053006c5357ea2387243e9564f174e4ed0133fb0
9cafeba2221ac4bfd2fccf13476c7752ba814e167bd363b73bf4c1ee9e54a9f2

HTTP Headers

GET /s/convergence/v15/rax5HiePvdgXPmmMHcIPYShdu08.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saudesomnis.com.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:03:03 GMT
expires: Fri, 06 Dec 2024 16:03:03 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:25:54 GMT
content-type: font/woff2
age: 52502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-gyrotonic02.jpg

162.241.203.111

200 OK

26 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-gyrotonic02.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x500, components 3\012- data
Size
26 kB (25459 bytes)
Hash
bccd52f9d6381309b54b03a69e99bea1
363abb55d2394df9aaeb642fae09c85809f05132
b9436b3e49f66fbf52a1c703e5a8c9eaccbbc9ea0d38317bab7b2843a0dc86d9

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/03/servicos-somnis-img-gyrotonic02.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 19:08:34 GMT
accept-ranges: bytes
content-length: 25459
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-pilates.jpg

162.241.203.111

200 OK

34 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-pilates.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x500, components 3\012- data
Size
34 kB (34425 bytes)
Hash
63dbd8a9bf2e18bf8adf0dff8183801b
49393c2020535a5836674d4b538acd3fecba66a8
86b3452ec6dfcf5a0d50db06340fa3223032e118ba8b03e769b9f91e6c09098f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/03/servicos-somnis-img-pilates.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 18:59:48 GMT
accept-ranges: bytes
content-length: 34425
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-gyrotonic01.jpg

162.241.203.111

200 OK

23 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-gyrotonic01.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x500, components 3\012- data
Size
23 kB (23083 bytes)
Hash
405936c92026b4bb320cd4c05fa5ab76
06b556f738cf5eac1791536f76f41a5821782e69
6623186b48f773b31d27fb914e881fb02b4b86dc5b121d0c7ed500cc267aab3f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/03/servicos-somnis-img-gyrotonic01.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 19:11:21 GMT
accept-ranges: bytes
content-length: 23083
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-rpg.jpg

162.241.203.111

200 OK

20 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-rpg.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x500, components 3\012- data
Size
20 kB (19751 bytes)
Hash
2330c53abbdef117eaf85ba89078fff1
161cc909908911035566e3adeac29012c557887a
bc4d6ce6b20cae677f1f39624bf59f7ac68a51d34b62fa861df15cdd438e09e8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/03/servicos-somnis-img-rpg.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 18:57:37 GMT
accept-ranges: bytes
content-length: 19751
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/03/home_stone_box_sep.png

162.241.203.111

200 OK

978 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/03/home_stone_box_sep.png
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
PNG image data, 3 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
978 B (978 bytes)
Hash
93250c8f454063b4cd88a0b175b8ee64
66ca6a98c640fb072f2538f0be5f1672a7281557
50f0768a3bfee72ec8d9df8d7b8f43eee16ee1ce85bcc1abae2dc317c7c4b77b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/03/home_stone_box_sep.png HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sat, 16 Dec 2017 17:33:18 GMT
accept-ranges: bytes
content-length: 978
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/png
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2018/09/galeria-de-sonhos-home-02-min.jpg

162.241.203.111

200 OK

30 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2018/09/galeria-de-sonhos-home-02-min.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x650, components 3\012- data
Size
30 kB (29907 bytes)
Hash
f19c8941d770d30c73c3b21c8c883a79
974ded26d9950304ad030a8be045232e8573a8ca
4af9023d30dc7d6a0e2ced9ef0a27cbdb829be3741bee00f0dc5224da97489e7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/09/galeria-de-sonhos-home-02-min.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 18:07:27 GMT
accept-ranges: bytes
content-length: 29907
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7

162.241.203.111

409 Conflict

83 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/12/home-nossos-servicos.jpg

162.241.203.111

200 OK

15 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/12/home-nossos-servicos.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x850, components 3\012- data
Size
15 kB (15352 bytes)
Hash
8c0d68c82eb53e5f74696726f38a44eb
929b052b5137f7d890f1b29c691e5659e7dbe544
d9f87ae1fb51daa5088a541487b7bb79cd76c56cb70014f765583aa9555ad48d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/12/home-nossos-servicos.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 18:58:58 GMT
accept-ranges: bytes
content-length: 15352
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/css/be.css?ver=27.2.9.4

162.241.203.111

200 OK

137 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/css/be.css?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
gzip compressed data, from Unix\012- data
Size
137 kB (137422 bytes)
Hash
948fa228acd1e7af8739bf8c81a2ad81
9f6fb867aabc9c19308c71fda4bb483e2bf24f4d
7bf215793c5f9acdd95447e84881fa2843e6466b62e3014aa8fc938b231bca3e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/css/be.css?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 24 Oct 2023 12:42:10 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:04 GMT
content-encoding: gzip
referrer-policy: 
content-type: text/css
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-nutricao.jpg

162.241.203.111

200 OK

17 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/03/servicos-somnis-img-nutricao.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x500, components 3\012- data
Size
17 kB (16736 bytes)
Hash
672dd7cc517a1724cf8298f9b397061a
1bb564733d17ab9a22235e300e7baffcd5694880
e9225e2d1acca0ded289fc38ddd9bd902b35f65192e250b621b1e5b7be4747a8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/03/servicos-somnis-img-nutricao.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 19:06:54 GMT
accept-ranges: bytes
content-length: 16736
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2023/11/logomarca-octo-mais-agencia-de-marketing-em-fortaleza.png

162.241.203.111

200 OK

4.3 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2023/11/logomarca-octo-mais-agencia-de-marketing-em-fortaleza.png
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
PNG image data, 200 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4277 bytes)
Hash
9c65b2c04f1f4600991fc244bad2df58
921a0437b5ad47102d194186e19d527f37315115
09c08906c767e7a11feb3aa83dc3c58aeff96633a5222e5fd01bc96c263f291d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/11/logomarca-octo-mais-agencia-de-marketing-em-fortaleza.png HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 20 Nov 2023 14:44:36 GMT
accept-ranges: bytes
content-length: 4277
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/png
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/

162.241.203.111

200 OK

74 kB

URL User Request GET HTTP/2
saudesomnis.com.br/
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
gzip compressed data, from Unix\012- data
Size
74 kB (73588 bytes)
Hash
78496d7b81fb891fb6e7a4c734b55437
7e56f651a49d235a5a3fedfa7b9a5b336909c5ba
76368bca48c25204eaeb47d41b7dcde81b5155a01360de46a2295b79c482fa2e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
link: <https://saudesomnis.com.br/wp-json/>; rel="https://api.w.org/", <https://saudesomnis.com.br/wp-json/wp/v2/pages/76>; rel="alternate"; type="application/json", <https://saudesomnis.com.br/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 06:38:03 GMT
server: Apache
X-Firefox-Spdy: h2

snapwidget.com/js/vendor/vjslider.min.4d30fbdabde8231b.js

104.26.8.123

200 OK

2.0 kB

URL GET HTTP/2
snapwidget.com/js/vendor/vjslider.min.4d30fbdabde8231b.js
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4764), with no line terminators
Size
2.0 kB (2044 bytes)
Hash
4d30fbdabde8231bded0e3ae86f269cc
c4e60d206b9526cbda55e9e341473a24176a7890
823662f83b894a3a8eaa3864e5a7c3d0eb75e1a6ecdfe12dc37461a9a5beaeca

HTTP Headers

GET /js/vendor/vjslider.min.4d30fbdabde8231b.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/embed/545561
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:05 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"65278fd4-129c"
last-modified: Thu, 12 Oct 2023 06:19:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 957426
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shBojw2MRr9h8gF6ou5umTZ6vNPmCA37vIn4EdFtLOnBd7FrG2Cp%2FiyMkRsZ8sIrXlE4V0P0cnTor09DbqaCkOUcLFtLnrUo%2FE1WG9I4YqtSCzpphErDLmNOsNkmSqxv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e72d14b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

snapwidget.com/js/embed.main.min.65b73ba9362828bd.js

104.26.8.123

200 OK

3.4 kB

URL GET HTTP/2
snapwidget.com/js/embed.main.min.65b73ba9362828bd.js
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3096), with no line terminators
Size
3.4 kB (3387 bytes)
Hash
65b73ba9362828bdcdb610040303ff6c
d742460cc0f9afed03d6d0d666c22b05cfb34725
afa5120ec9d40721c773d23041f6cefe9e1894c9a8d7387b1cbd3d8e60a2ffc5

HTTP Headers

GET /js/embed.main.min.65b73ba9362828bd.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/embed/545561
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:05 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"6548a382-c18"
last-modified: Mon, 06 Nov 2023 08:27:46 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1385986
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8myakCSTDqy%2F6oqWTBQr8QOUscnZzTnwnSnkhupK0wk%2BnY0xpbXVjWtuZcXql0vKqYUpXyWRNwrCjchE%2BwKWZw96PYs7vYyCTyO0W6eo7q%2BCBgOIsG206NwYVGz%2BBM3g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e72d11b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

snapwidget.com/embed/545561

104.26.8.123

200 OK

101 kB

URL GET HTTP/2
snapwidget.com/embed/545561
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://saudesomnis.com.br/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2187)
Size
101 kB (101445 bytes)
Hash
b025f9a2455bdf1ee6130048e6895f11
c891567ce5dd58cf9f627975bf3475902896aeb2
346d0e20d46cd1ed97fd8eae09ae73815303dd23d90d4a4729cf3cd9a33a5913

HTTP Headers

GET /embed/545561 HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=300
expires: Fri, 08 Dec 2023 06:40:05 GMT
x-robots-tag: all
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
last-modified: Fri, 08 Dec 2023 06:35:16 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi1y6xkXRH60oU5NpPPe5CwGdo%2BBlRsetVYI1AP6uRe8PdZaeZPujVYGYUGqbFkqCaTrJFREr%2FTOUJzEz631rgF2qakg30Bb4kePNweLKuwfOfv9D5k%2FafxIdrBnaHtd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e50be5b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

104.16.57.101

200 OK

6.9 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP
104.16.57.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19986), with no line terminators
Size
6.9 kB (6854 bytes)
Hash
dd1d068fdb5fe90b6c05a5b3940e088c
0d96f9df8772633a9df4c81cf323a4ef8998ba59
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

HTTP Headers

GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://snapwidget.com
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300e77d47b529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/10/institucional-somnis-selo.jpg

162.241.203.111

200 OK

62 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/10/institucional-somnis-selo.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1080x1080, components 3\012- data
Size
62 kB (62368 bytes)
Hash
6a8df2bec3f96aba904b179dfcc1a6b4
1b92e1e622b76c331448a467981a89f5c75ddca2
de39caead1843891a3acc1e252599504d9f5060b7b8e22793fe3bf93d3a38dce

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/10/institucional-somnis-selo.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 29 Oct 2017 20:34:06 GMT
accept-ranges: bytes
content-length: 62368
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:06 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:06 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/10/sonho.png

162.241.203.111

200 OK

9.3 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/10/sonho.png
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
PNG image data, 365 x 179, 8-bit/color RGBA, non-interlaced\012- data
Size
9.3 kB (9285 bytes)
Hash
dd8e31888a598d11255aefe0e05d9730
f1d57a3182c7d9b7cccc5a144263ab682e2495bd
1eb41cd263cd47c8e0f54dcb4030573cac73c2710e43cacbed4e2ca3160e598c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/10/sonho.png HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 27 Oct 2017 19:18:17 GMT
accept-ranges: bytes
content-length: 9285
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:06 GMT
referrer-policy: 
content-type: image/png
date: Fri, 08 Dec 2023 06:38:06 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/10/banner-principal-home-sonho.jpg

162.241.203.111

200 OK

36 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/10/banner-principal-home-sonho.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x750, components 3\012- data
Size
36 kB (35946 bytes)
Hash
a3c32a7fc37ef80574a4771136be9463
1a8e6b0df7f4d3399711f2107261631e03e44d5b
8e017efe598cd2398a2bbc765980d82383c157a45c641e6507f3420e270553e2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/10/banner-principal-home-sonho.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 19:05:50 GMT
accept-ranges: bytes
content-length: 35946
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:06 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:06 GMT
server: Apache
X-Firefox-Spdy: h2

snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js

104.26.8.123

200 OK

1.5 kB

URL GET HTTP/2
snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2529), with no line terminators
Size
1.5 kB (1465 bytes)
Hash
2f17f0b14ee46c5adcbf1c9950a83f0c
bdee0cea60eea9f836578a9e25a0751cac967517
21a2e6c484de0c29d96ec0ac407ee0603dfd95741951506ed7a1bcbc6a6db4bc

HTTP Headers

GET /js/embed.vendor.min.2f17f0b14ee46c5a.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/embed/545561
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:05 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"6548a375-9e1"
last-modified: Mon, 06 Nov 2023 08:27:33 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1308322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmKXJocQcB5L7j4DwQ34%2FyT%2FJ2hfVZHCvUVyVci1kVJWxf0PlNReqEqCNA5Cq9H%2BPGyO76xFhr5KuuIaPX%2Bot%2BPjvasRFQZXeMIB4dn%2Fw8afYHEO2gdCjs%2BqDKiuNWPq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e72d10b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/8f31c60bfbfcd2ed3b67cf2877177cf4/5BF70F0B/t51.2885-15/sh0.08/e35/s640x640/36785556_409545906217599_3754112509775183872_n.jpg

172.67.71.109

200 OK

52 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/8f31c60bfbfcd2ed3b67cf2877177cf4/5BF70F0B/t51.2885-15/sh0.08/e35/s640x640/36785556_409545906217599_3754112509775183872_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x514, components 3\012- data
Size
52 kB (52456 bytes)
Hash
4a5585ec4eb6d5c6597335b2cfc708da
4c1a1c4f614f00e8b5d4c488d7ae7d7e2c776dca
11e042e3ce3285b834be935928cd8a7279c8558902cd418abeff642080f6d014

HTTP Headers

GET /vp/8f31c60bfbfcd2ed3b67cf2877177cf4/5BF70F0B/t51.2885-15/sh0.08/e35/s640x640/36785556_409545906217599_3754112509775183872_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 52456
cf-bgj: imgq:100,h2pri
cf-polished: origSize=54101
etag: "a6c1c42476cca6d19cbf2ea712957ea1"
last-modified: Mon, 13 Aug 2018 20:37:08 GMT
x-amz-id-2: pjkjsMh9p8FIoTTSlRCutt3FKaq5ya3qBZSXOgY1BetdCycwRGhfJ5sR2p2bMWFiatRAh31Q+BE=
x-amz-request-id: CMPW180KPB8J0851
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2%2BO8pHfXGC2TU2JY23k6%2BOo7%2F0xudNheEOpyig8YUt%2F%2BSug54iJpZ%2BVXbEPFxjGBUH2aa7ztlv2kmxIkLmC%2BAOBtW%2BrlWgLRQCnzl3ZcKw4idcdvU%2BCOjYCVYdY%2FQdp9HywTe0apwlOUfD8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea5be156c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/80fd4dcc96c776dea4995eac6777cebc/5BF1BED0/t51.2885-15/sh0.08/e35/s640x640/38097216_2229127983773078_456301122278129664_n.jpg

172.67.71.109

200 OK

68 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/80fd4dcc96c776dea4995eac6777cebc/5BF1BED0/t51.2885-15/sh0.08/e35/s640x640/38097216_2229127983773078_456301122278129664_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
68 kB (67888 bytes)
Hash
09a3ed8a868160c43faf2eff8bc64dc9
dc9a228ede9e282f8946f98900f10101422b84a0
5a53559c3a74065f375af394ba4d31357646868b5941e01ca343005d8fc468a0

HTTP Headers

GET /vp/80fd4dcc96c776dea4995eac6777cebc/5BF1BED0/t51.2885-15/sh0.08/e35/s640x640/38097216_2229127983773078_456301122278129664_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 67888
cf-bgj: imgq:100,h2pri
cf-polished: origSize=69707
etag: "fc3c555421c1417d117377d9c5279599"
last-modified: Mon, 13 Aug 2018 20:43:27 GMT
x-amz-id-2: G9wNrH1pi9A8ejHlbw3eoyVspQ2ETg+ncaOAjnPvH/HSBMXTTL484oURsZSZLHWmMnX5EZdUiUU=
x-amz-request-id: CMPK6SNGR9GEKM3Z
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulcWcMfOmmRvNCeytEqPjHcDi%2B5A7QUJlkN60WjVTc4xSpOwVq0dwZP4Q8U2zhfgnfbvMD5nl6aIVK5IIA9OQghqLfqJtl61xJ0JvYbjzIcVpIW5jyNSn7cm%2Bhz68NsdnpSXn3dUvFKu1uEW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6be656c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/0177ea63373df7448d8df310711c5b29/5BF77597/t51.2885-15/sh0.08/e35/s640x640/36666023_1600821813380149_5305566387714916352_n.jpg

172.67.71.109

200 OK

31 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/0177ea63373df7448d8df310711c5b29/5BF77597/t51.2885-15/sh0.08/e35/s640x640/36666023_1600821813380149_5305566387714916352_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x480, components 3\012- data
Size
31 kB (31188 bytes)
Hash
4f71fd7fff0a1a0b0fb6730b383c6092
8fdfb2085993f62e6a97151bd863b7d93e95dd57
500ca6261790c0fd1e5f544470139e7d4f22214e02b57d1f134909ce4cf9c37b

HTTP Headers

GET /vp/0177ea63373df7448d8df310711c5b29/5BF77597/t51.2885-15/sh0.08/e35/s640x640/36666023_1600821813380149_5305566387714916352_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 31188
cf-bgj: imgq:100,h2pri
cf-polished: origSize=32464
etag: "4292a1c1da1c8f2acd8387fd091fafa3"
last-modified: Mon, 13 Aug 2018 20:37:02 GMT
x-amz-id-2: BTOj+DNgeW1y3WYE3DYrv49WkSL7oYtMkfDirGwQBYbMEz44UuaUyPWEtW2KwK2mWjivPZn4TOM=
x-amz-request-id: CMPYWJ3Q8A63RN3V
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYRueov7vPBC9RXPnTjTSAzOLAlY7uRpDkiNh9ydludPCBvsz%2BYTMKFVkn6zc6fPUvSXBGPIXSH8OsKp6DaDsF8rTEPHBBo9gyytWTZY%2F1%2BvH607rDtTrFWgKyqqKafDDvyFeBLdT%2Bv%2FwPMu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea5be256c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/5cf68d5731657a85a5b66d621a9d582f/5C00AA68/t51.2885-15/sh0.08/e35/p640x640/38817427_252568925372320_3736352884430733312_n.jpg

172.67.71.109

200 OK

54 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/5cf68d5731657a85a5b66d621a9d582f/5C00AA68/t51.2885-15/sh0.08/e35/p640x640/38817427_252568925372320_3736352884430733312_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
54 kB (54502 bytes)
Hash
9306833c35650f4bc53b93b8c730a6cb
bb02b89531ff02ab6345a9b2e4b2c072afad3565
f44482acb0a126ed2f36dc27d5bfcfa5d2b7987c22e0710d207c7f71ebd199a0

HTTP Headers

GET /vp/5cf68d5731657a85a5b66d621a9d582f/5C00AA68/t51.2885-15/sh0.08/e35/p640x640/38817427_252568925372320_3736352884430733312_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 54502
cf-bgj: imgq:100,h2pri
cf-polished: origSize=56470
etag: "1221902f7292a18299628ab492163d75"
last-modified: Mon, 13 Aug 2018 20:46:11 GMT
x-amz-id-2: V6rtcSe5ZQuvQs0X2ijk058vpKEJg4X0mNK5BkaU4FGNiRyufMhuIfLjxuEuDDteshisII9HriY=
x-amz-request-id: CMPMA0JJ7HDKE75F
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdgHM6cABfzGGsCaDLc81ZnbsTCBYAJjeZ9Iyn4a2LeUmG1urvBcgHXufB5Ekk3qptSnrXcytNY4QfSeCPJmihDT6g8BpXy7oo4hoNSyfRmA%2Fj3S57lPj%2FN8svy08nA2tf9U5%2BGrYEiV%2FsYf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6be456c0-OSL
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

162.241.203.111

200 OK

101 kB

URL GET HTTP/2
saudesomnis.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
gzip compressed data, from Unix\012- data
Size
101 kB (101097 bytes)
Hash
e757854f8b0569f256aee24e4b60a792
146bbe016f02af4ab51be4199b7aed190220ac48
881152a856f6ceb5f241f795d83e2804ed7584cce5ce239f157f8ee6d23eb995

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:04 GMT
content-encoding: gzip
referrer-policy: 
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:04 GMT
server: Apache
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/92ba2453bc497819b5333883a4ed2257/5C0ADC12/t51.2885-15/sh0.08/e35/p640x640/37933874_1888162501264308_924061749877932032_n.jpg

172.67.71.109

200 OK

77 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/92ba2453bc497819b5333883a4ed2257/5C0ADC12/t51.2885-15/sh0.08/e35/p640x640/37933874_1888162501264308_924061749877932032_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
77 kB (77299 bytes)
Hash
ef008245ac7789144163ca4561c0ab6c
e390e2efb4910bdb47f4ce651d6799dc428620fa
f2cd889bf0e80c73c7c7e3dbec75715ea4cb30499ab9100fc24c0fe921631ed4

HTTP Headers

GET /vp/92ba2453bc497819b5333883a4ed2257/5C0ADC12/t51.2885-15/sh0.08/e35/p640x640/37933874_1888162501264308_924061749877932032_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 77299
cf-bgj: imgq:100,h2pri
cf-polished: origSize=79740
etag: "de7cbadce749d8f549552723dcf314e3"
last-modified: Mon, 13 Aug 2018 20:43:16 GMT
x-amz-id-2: 2XaTtNCONaluIJFbIyPS2emQpthpIfw4daBbeSQ9HG+b0/1vLh2rPlTmhrqKQyfUle6OP7ql+z8=
x-amz-request-id: CMPQNN6TQ18BPVGG
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58tvM8Ojxvw0bxixjVURGwlOePzth4rNhds05CrTs0HJaa2bG7xr%2Bofeds4PlVxD5gpsoG8a1U2AYllgTvdEGP0KemE%2BaajGZad7lKczjwxaJ0fLJVwmhVEKOvnMJT7y8Bqg0GOtK0Yo68KP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6be956c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/cc01c345c976929d5c45d14a0cc71804/5BFD7039/t51.2885-15/sh0.08/e35/p640x640/38828811_477784799356664_4914855351691509760_n.jpg

172.67.71.109

200 OK

76 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/cc01c345c976929d5c45d14a0cc71804/5BFD7039/t51.2885-15/sh0.08/e35/p640x640/38828811_477784799356664_4914855351691509760_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
76 kB (76413 bytes)
Hash
66d44f7b33d047f0b44d0cfb0486da34
d4c542e2ba0a8d846a42ef00b2c2c9a682770123
ee7250677786283a40dd86fc9a30d6ce6a5b7a5567798a007369bdfae66574e3

HTTP Headers

GET /vp/cc01c345c976929d5c45d14a0cc71804/5BFD7039/t51.2885-15/sh0.08/e35/p640x640/38828811_477784799356664_4914855351691509760_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 76413
cf-bgj: imgq:100,h2pri
cf-polished: origSize=79281
etag: "34310a93bc5f731583db6a8674a698ec"
last-modified: Mon, 13 Aug 2018 20:42:55 GMT
x-amz-id-2: Ew8v+pBXlpotn/gbGjYIF5mll3oAnECGiZXaMVVpiN5PxYkm8Vd8D7+hZyR/k2BoLUiKL4I3t+I=
x-amz-request-id: CMPPVDAV6CKY1KG8
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFifrgfLD0%2FxSgnt4FDvgBA%2FvaGxmOSTSw7RogxTockN1VIhSOi19t44OOLqfGZZhLIEoO4eZuH2loEeyyN3wE9i5bAmHyXH63DzY9ocT6TBOH%2FckmWV6lQEcT8JM4a5T1N%2FrbXxXLPraEBf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bea56c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/d376cf6f536a691bde372864b05f2d79/5C062673/t51.2885-15/sh0.08/e35/s640x640/36826200_250883742198011_946112468457881600_n.jpg

172.67.71.109

200 OK

77 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/d376cf6f536a691bde372864b05f2d79/5C062673/t51.2885-15/sh0.08/e35/s640x640/36826200_250883742198011_946112468457881600_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
77 kB (76694 bytes)
Hash
ef17a064ed0f85a771f565512d4fee43
d71e402cdee677076ee3fa53e0bb68336f9cfec2
6d2de7e32a5aa1981fdd398be1a2fb0be783f065322c9ba7b627e153e128b505

HTTP Headers

GET /vp/d376cf6f536a691bde372864b05f2d79/5C062673/t51.2885-15/sh0.08/e35/s640x640/36826200_250883742198011_946112468457881600_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 76694
cf-bgj: imgq:100,h2pri
cf-polished: origSize=79053
etag: "4ea0b2f54cd654efe6b484ef387760b7"
last-modified: Mon, 13 Aug 2018 20:37:25 GMT
x-amz-id-2: SHEPRVlcVQcoosFu+cMzfVfjA7Eb1bXXMvBOl5ta+s8JXuK8Xxmyt/JDs+Z+SQ0sJlG4aV1n83Rt5+w4Ri3N3TzXM/DgeX+XbCCON+9dPts=
x-amz-request-id: CMPYWHK7SZBK8VXN
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2d9A5BSJIHZwL75yX8lsEC9nRPD%2Bm76Sw0JraxUV8qGDPSCIQBXAnLvmJhiKEWLF8bP%2BaF%2BrI%2F%2FCko74LqLr%2FQLTuHh5bqeWQEQFoO8UHBFb9mPdPJnETbGOBt96aaqITAD9Gf60zECj7B3%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bf256c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/4b0fe8946b91145b006c1ac66f300f25/5C024F92/t51.2885-15/sh0.08/e35/p640x640/38081888_213907019291064_7490620468295106560_n.jpg

172.67.71.109

200 OK

52 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/4b0fe8946b91145b006c1ac66f300f25/5C024F92/t51.2885-15/sh0.08/e35/p640x640/38081888_213907019291064_7490620468295106560_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
52 kB (51465 bytes)
Hash
5842242db55d7bb38d6d8454c0041c66
5093d628f280e26ffa31217fcd434f749ad5a544
5bf5196c87d043249497885d8399e5c520ea925d8c5e313103252dbe8bd04090

HTTP Headers

GET /vp/4b0fe8946b91145b006c1ac66f300f25/5C024F92/t51.2885-15/sh0.08/e35/p640x640/38081888_213907019291064_7490620468295106560_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 51465
cf-bgj: imgq:100,h2pri
cf-polished: origSize=53408
etag: "a3ee18cfcd46e4907277888295443465"
last-modified: Mon, 13 Aug 2018 20:37:29 GMT
x-amz-id-2: SpXDxBpVevTrqLm/y2mIUmD5GAazQOZ3lSBMdg9LCjbqNuwocXy8+3qePvtSw3BrfRpnautlRH4=
x-amz-request-id: CMPWBJXJ5KTBYKDR
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIDKdMtoFF%2Frlr9MdikETshCzyRlT4fc40gg%2FWjJcEjHO3DogBiniQcNJM7kDzMcQ3Wnj39QLYjKZAMXkvwbofExrlL8f4JA7QhFih3maWUv76BI2Nqw7yYYSqUcpE9Qp3%2FSr8DUUQhD8wYg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bef56c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/5c5618002ab8e68bf38efb57009c2eb5/5BED10BA/t51.2885-15/sh0.08/e35/s640x640/37707120_268307070429615_5164999770338492416_n.jpg

172.67.71.109

200 OK

54 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/5c5618002ab8e68bf38efb57009c2eb5/5BED10BA/t51.2885-15/sh0.08/e35/s640x640/37707120_268307070429615_5164999770338492416_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
54 kB (54107 bytes)
Hash
e74dd6118110fe131795fa725fe7ac5e
1b98268eec0f9f9558bc942e98c1a89dd04a9eab
146c0954861ca92b128c21b46da31604651cfdbc2ea3e7b5a3e0755b2c94841b

HTTP Headers

GET /vp/5c5618002ab8e68bf38efb57009c2eb5/5BED10BA/t51.2885-15/sh0.08/e35/s640x640/37707120_268307070429615_5164999770338492416_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 54107
cf-bgj: imgq:100,h2pri
cf-polished: origSize=55478
etag: "1cf9a621ed5f09d91abf0893f12a0be9"
last-modified: Mon, 13 Aug 2018 20:37:25 GMT
x-amz-id-2: 0YOV38+BhfWWjKNymOSB+lTSVKBhr3B+Av5X6wW8+x3lQtAJIATEhN6CzO1ewIWyZgygBvrCA8g=
x-amz-request-id: CMPKY8S0XZPN1WT3
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BYa5n1IW8fCsAmSoAxm7bYX5h2MdLkWAtJ5Tl2qEt2XANmdihhlHKSObEu2luZjx4%2FQDj%2BnFuUHUUqsgwrCtuL45Kv93J99GTSUmLPFBZvxVk24MqcyA7TlFBvTcXgqdts8ukRZdVT9YX2Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bf356c0-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat%3A1%2C400%2C400italic%2C700%2C700italic%7CLato%3A1%2C400%2C400italic%2C700%2C700italic&display=swap&ver=6.1.4

142.250.74.106

200 OK

82 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat%3A1%2C400%2C400italic%2C700%2C700italic%7CLato%3A1%2C400%2C400italic%2C700%2C700italic&display=swap&ver=6.1.4
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://saudesomnis.com.br/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
82 kB (82276 bytes)
Hash
aa60fee6d23dc17e9575f2f1a96b2b24
51e2df7321e51379fd4859f92164d219565741fe
9d713be48eab8a34123f0bb3942f1cd35abfd5c888bacf8c242028500b4398c6

HTTP Headers

GET /css?family=Montserrat%3A1%2C400%2C400italic%2C700%2C700italic%7CLato%3A1%2C400%2C400italic%2C700%2C700italic&display=swap&ver=6.1.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 06:38:05 GMT
date: Fri, 08 Dec 2023 06:38:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/0ad0f9e52720e9d75cea294e18d27dba/5BFC9E0A/t51.2885-15/sh0.08/e35/s640x640/37869122_929385923921734_6036490029591691264_n.jpg

172.67.71.109

200 OK

44 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/0ad0f9e52720e9d75cea294e18d27dba/5BFC9E0A/t51.2885-15/sh0.08/e35/s640x640/37869122_929385923921734_6036490029591691264_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
44 kB (44288 bytes)
Hash
efee31c08f4c1ed5b4b25423ab612ccf
1ca9b5030afa985a0506db833972d0711e6bdf5f
0c41b1392bcab98f88842dfdb41b8578c756dbd522685f5c8105fc5718952886

HTTP Headers

GET /vp/0ad0f9e52720e9d75cea294e18d27dba/5BFC9E0A/t51.2885-15/sh0.08/e35/s640x640/37869122_929385923921734_6036490029591691264_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 44288
cf-bgj: imgq:100,h2pri
cf-polished: origSize=45789
etag: "34f519ff843874abc437edd48b7928ca"
last-modified: Mon, 13 Aug 2018 20:37:24 GMT
x-amz-id-2: HCYirQWzujji6XWnn8idYF0G/4nviMXwVAN3hwgcnxPJUPbaZbj0bl2Nk9n2upf3Lp/v/ksQgCk=
x-amz-request-id: CMPKYAX8FP2YVEME
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIJlqRPDYBu4RR1r8aLqYk5xhPL8L%2FCKdqNo6zgT8aubnpdabnRimNAmq%2FVkaBx6vHJPaXgOFAbvwMxcLXvC0%2FjWn9N5b6WuKTG2Be1czawa1pZc1LewNUN7FEiE6TviqfBGDfGQANm9hkxy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bf556c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/f5e4947d9c4a311a7c2bf006cbff0d34/5BF59F1D/t51.2885-15/sh0.08/e35/s640x640/37298999_2062826880455395_400448018941214720_n.jpg

172.67.71.109

200 OK

41 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/f5e4947d9c4a311a7c2bf006cbff0d34/5BF59F1D/t51.2885-15/sh0.08/e35/s640x640/37298999_2062826880455395_400448018941214720_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
41 kB (40604 bytes)
Hash
96718936fb47fbed8790497e9226d688
580a57f8eeb84873a2d03ede3a7c01bb778ff130
9a640fc83611be78eacc53202b224f3bdd542c071967d29ef23c36b29f52a2b3

HTTP Headers

GET /vp/f5e4947d9c4a311a7c2bf006cbff0d34/5BF59F1D/t51.2885-15/sh0.08/e35/s640x640/37298999_2062826880455395_400448018941214720_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 40604
cf-bgj: imgq:100,h2pri
cf-polished: origSize=42071
etag: "aaff1c398801bfb4f1d80b117412ce7c"
last-modified: Mon, 13 Aug 2018 20:37:21 GMT
x-amz-id-2: oES7dTVvCKWKBz8gRXpTS+zOxFpv66Kar+m4GqEIAg6rVSYLasX279uN0YYwtiUPC6VWa+GmyWw=
x-amz-request-id: CMPK1TKAFXK312RX
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSZBh4RkfnDO%2BniWHSz7ffV2s3Ln9wJ9vllIRFrPDNv58EET2iYPDAXcQUfi%2BOyEBC68kfUgJDFkCjHUIGebaR7MJ%2Bg6scy%2Fx%2Fe99hkPgxKxIZJbTO3w9PfHsLJe2qMmAcNbbW6tPOxUePuk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bf756c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/06eb106dfd3fe5706176d1807aad2aab/5B74BDC3/t51.2885-15/sh0.08/e35/p640x640/38010670_279422966124429_3403357795024633856_n.jpg

172.67.71.109

200 OK

71 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/06eb106dfd3fe5706176d1807aad2aab/5B74BDC3/t51.2885-15/sh0.08/e35/p640x640/38010670_279422966124429_3403357795024633856_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
71 kB (71357 bytes)
Hash
2b5eab7966c6635e31d889234887b796
002c21023b62a2e245a65e568b8a1c2832478307
3b17f4f10b368e0897d2585e901e8f8effda953be65229214f3efce22b387d07

HTTP Headers

GET /vp/06eb106dfd3fe5706176d1807aad2aab/5B74BDC3/t51.2885-15/sh0.08/e35/p640x640/38010670_279422966124429_3403357795024633856_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 71357
cf-bgj: imgq:100,h2pri
cf-polished: origSize=73623
etag: "65272a2e9a28953d33f6dd8283f71c2c"
last-modified: Mon, 13 Aug 2018 20:37:20 GMT
x-amz-id-2: +VfoEBciLf+yKbXnFs/swuUQPJy8Hy/Vuhchefqdr/pktU+JQAiTNVNz4MRqFgPkTylLBr7ca60=
x-amz-request-id: CMPHRF2W9ANRGZ4Y
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxER1uskT9AgHN6Rc7v%2F1f87Ym9DKhUZJZ%2FrJf58Z%2BKtj3SDwZ90MGB6wHeus8r%2FvP6k4P7wxi4Omfgdybwfk2ngB1P8nN9pwteyKkLcKY8vhIqJBPSu2xI40Cr9ePWgJY7w0y80Z6tW62T7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bf956c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/23e6b9825d07ae0ad367dd95fdb7fadb/5BFDF40C/t51.2885-15/sh0.08/e35/s640x640/37238149_502854730138148_2422847680817397760_n.jpg

172.67.71.109

200 OK

54 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/23e6b9825d07ae0ad367dd95fdb7fadb/5BFDF40C/t51.2885-15/sh0.08/e35/s640x640/37238149_502854730138148_2422847680817397760_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
54 kB (54107 bytes)
Hash
e74dd6118110fe131795fa725fe7ac5e
1b98268eec0f9f9558bc942e98c1a89dd04a9eab
146c0954861ca92b128c21b46da31604651cfdbc2ea3e7b5a3e0755b2c94841b

HTTP Headers

GET /vp/23e6b9825d07ae0ad367dd95fdb7fadb/5BFDF40C/t51.2885-15/sh0.08/e35/s640x640/37238149_502854730138148_2422847680817397760_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 54107
cf-bgj: imgq:100,h2pri
cf-polished: origSize=55478
etag: "1cf9a621ed5f09d91abf0893f12a0be9"
last-modified: Mon, 13 Aug 2018 20:37:18 GMT
x-amz-id-2: 7dfv4AxfvxvcHuA4SL70p16CzGXWE6ZQ0QXXVfpB/d214HeKQK5Kcffc/Uv39nqyXhV8VQlbkE4=
x-amz-request-id: CMPS5X1QSWVJZWFY
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHILJx4jPil8cQCx44%2FBZJRhvPO3AfYMpJ2%2FPmMIGUH5vlgYvPXOzknMHIen4lT%2BP18rh8HFVQqt%2FHt0ddrlXedSkyZcl9hIRbIEn2bo80FE%2BacDsNgpke5LQOgm3r2KWvYPdKupFPMH%2Bj%2BG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bfa56c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/4590be25d5932180f52dd718dcef6684/5C08323C/t51.2885-15/sh0.08/e35/s640x640/37103578_1823021234412428_8502526467018588160_n.jpg

172.67.71.109

200 OK

56 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/4590be25d5932180f52dd718dcef6684/5C08323C/t51.2885-15/sh0.08/e35/s640x640/37103578_1823021234412428_8502526467018588160_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
56 kB (55568 bytes)
Hash
75181a78e5ebdfed17ae4a0bf287852b
e438bf07dc36257e9eb2d1e0fccac0ca248ba7b4
620d95c4b7462eb9f6fbb5230090ee6a9a3f740298e179d2d0c5c9476b64389b

HTTP Headers

GET /vp/4590be25d5932180f52dd718dcef6684/5C08323C/t51.2885-15/sh0.08/e35/s640x640/37103578_1823021234412428_8502526467018588160_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 55568
cf-bgj: imgq:100,h2pri
cf-polished: origSize=57665
etag: "bd041dcbb6a19c99f67a5bded18220fa"
last-modified: Mon, 13 Aug 2018 20:37:18 GMT
x-amz-id-2: MbzhMBs0H4NPyxlCir/ecyNQ4EVNSajNR7bXD+DMRBqyp2OGnv8wZ5eG3KOlc/8/2jtcPZ+6ZeY=
x-amz-request-id: CMPK99E14879P8W1
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7%2BA3kcjHnBg2W0TmUVAVrzC%2BXwgIHHes5ii%2B9HdrDWQKpI2rNwMDrxmASSIEspz0aihx6LWttdwGdjQE2qwgxaDkUpfxb6A518N1esXyegvES0LvwMoWbNMMKXbk8lhX8TPyES497LCsgzt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bff56c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/81cf264aa1a0eb6de081434a0edf80ee/5C0C1314/t51.2885-15/sh0.08/e35/p640x640/37623347_2049832235068248_1498156683870863360_n.jpg

172.67.71.109

200 OK

93 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/81cf264aa1a0eb6de081434a0edf80ee/5C0C1314/t51.2885-15/sh0.08/e35/p640x640/37623347_2049832235068248_1498156683870863360_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
93 kB (93340 bytes)
Hash
d370f7ef3c25b57afe0b7c855ca5fa1e
5a90d9d02bc4c590bf8707ba587b62e1b77fe75b
429dbef613839ff4567490b6c80feb1065bd7386895b5620ae7b19d9a57c6e83

HTTP Headers

GET /vp/81cf264aa1a0eb6de081434a0edf80ee/5C0C1314/t51.2885-15/sh0.08/e35/p640x640/37623347_2049832235068248_1498156683870863360_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 93340
cf-bgj: imgq:100,h2pri
cf-polished: origSize=96475
etag: "1bef91a5c065c04798e477cde25b63f6"
last-modified: Mon, 13 Aug 2018 20:37:22 GMT
x-amz-id-2: inhQzkKZoJXWNMExWmoZzg++R+WV1pwAjJcShJqOUVovAsVJ60MxaeBpuj1BNW+jn34YiCEAwds=
x-amz-request-id: CMPP237ZMJRS624E
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxtarReQSzQ76qJBXaPFQGeb0zBjaspJ3Pw8NUe6Zf7DhRBuAdqznkJkFPL2vmmaKej07mggTv8vDSLI3RfqxwmnKSY%2BMCsBuxvRS9Wwgyq0q%2FZMCAGMm0oIjCZXyMEgDjo9JMgLpFn8kTSC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bf656c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/0a41a6d63932831b21f0634c0371026e/5C0BE3FB/t51.2885-15/sh0.08/e35/s640x640/37556533_213630459341056_4811698981795004416_n.jpg

172.67.71.109

200 OK

54 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/0a41a6d63932831b21f0634c0371026e/5C0BE3FB/t51.2885-15/sh0.08/e35/s640x640/37556533_213630459341056_4811698981795004416_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
54 kB (54107 bytes)
Hash
e74dd6118110fe131795fa725fe7ac5e
1b98268eec0f9f9558bc942e98c1a89dd04a9eab
146c0954861ca92b128c21b46da31604651cfdbc2ea3e7b5a3e0755b2c94841b

HTTP Headers

GET /vp/0a41a6d63932831b21f0634c0371026e/5C0BE3FB/t51.2885-15/sh0.08/e35/s640x640/37556533_213630459341056_4811698981795004416_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 54107
cf-bgj: imgq:100,h2pri
cf-polished: origSize=55478
etag: "1cf9a621ed5f09d91abf0893f12a0be9"
last-modified: Mon, 13 Aug 2018 20:37:16 GMT
x-amz-id-2: XlMg697To0Z0kHTcdDjARE8kt13exbTUAlN2Z70mUM7gyCMb4pfU5DhSy2uo60B5FZQ/mNn0ze3BIVNXiPBB5dbwH06273JQQYBtq+pEJMk=
x-amz-request-id: CMPX64ZX68WGN4R1
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJMCABbcsPS0FDcqMB89O4iwcrBUe%2FXQAC22QahP7Adv%2BEZgbE%2FVjg%2B8YyiEmrqMg%2FuZirSGT8nf2WbgJvfk2FkG1JNO0SaKAtNV4PQVRFZO%2FNIKwWyX%2BHwfKJDkmQ%2BmV22fwk7FFMvtBw4i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea8c0756c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/50fc607bed9e5f7393518d779167a77b/5C067308/t51.2885-15/sh0.08/e35/p640x640/36927750_226009061453454_7738151425112276992_n.jpg

172.67.71.109

200 OK

78 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/50fc607bed9e5f7393518d779167a77b/5C067308/t51.2885-15/sh0.08/e35/p640x640/36927750_226009061453454_7738151425112276992_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
78 kB (77683 bytes)
Hash
fa651e3848c34e2e93c7550e622eb106
c0f3f8d64b002c5d176e33781e64961b320b41d3
b35bd871e1de7a121f04f75c782dbc6f131eaa8e84d9f8b3bc0e83048569aeac

HTTP Headers

GET /vp/50fc607bed9e5f7393518d779167a77b/5C067308/t51.2885-15/sh0.08/e35/p640x640/36927750_226009061453454_7738151425112276992_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 77683
cf-bgj: imgq:100,h2pri
cf-polished: origSize=80184
etag: "83f4a50a4772ff2b4a194ab31f48b437"
last-modified: Mon, 13 Aug 2018 20:37:15 GMT
x-amz-id-2: vr7Udnkz9elvkSv2puucPLrkt4HnvRY3q8hkDrRKSOUr9bYpyKYfc6zHNAuYwf3xvGavK3LKa6U=
x-amz-request-id: CMPTDF6GW2NM6TDN
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tiWEX%2FaXYLlQWU5eQgWgIK1QS4DLGRF9qKwDgv%2BLm86uOYBXvU%2B374A1aHzRiB2TsNMGCqYDBJa4xceECTB7Ybufk%2BYS2fKFGT3Lg9%2BmtbvQf9Yk%2BUckL5lTnRi3OyNUFQR6MgBvBDVI5DA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eabc2256c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/47df4fff2fc305cdff7eb641f64b0d80/5BF73E29/t51.2885-15/sh0.08/e35/p640x640/36977119_558827334515156_1743692864602243072_n.jpg

172.67.71.109

200 OK

91 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/47df4fff2fc305cdff7eb641f64b0d80/5BF73E29/t51.2885-15/sh0.08/e35/p640x640/36977119_558827334515156_1743692864602243072_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
91 kB (90758 bytes)
Hash
7ef7881f8d31dce2a93118571550b019
a877956dd178e4f3bbacc86be3b5603dd874b3f1
6d8313c3fafbd25d5f1a945b8a7dcf7851abdde6781af3de8db1f4dad9494486

HTTP Headers

GET /vp/47df4fff2fc305cdff7eb641f64b0d80/5BF73E29/t51.2885-15/sh0.08/e35/p640x640/36977119_558827334515156_1743692864602243072_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 90758
cf-bgj: imgq:100,h2pri
cf-polished: origSize=93380
etag: "aecf32c85f1cc5312d9057bebf2edb8c"
last-modified: Mon, 13 Aug 2018 20:37:16 GMT
x-amz-id-2: MwL6N3qS0axR9zw/r/IYE53D4H37JLZq+RDf/HVMmJTO6ZByYiOYLgmDGDkKgdHvLfcZfaf4Uy4=
x-amz-request-id: CMPRKEBAYPASRP3P
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiT%2Fw0Vkv2Lbuljv5EJR%2F1O%2Bl7BNKz0sJM5qw5T4pvW4M6tfeO48%2BUFrF%2B6KtvTOghNbxhq%2FN%2FxLrb%2FNRokyJcen2EAoL1McN7%2B6QktcGkMAXjnwEujNB0eFc3jDYsKYim0v9pSOxTfmU7JH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eaec3a56c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/97d342b21a3453764fab5c5aeea244bb/5C06807C/t51.2885-15/sh0.08/e35/p640x640/37209331_271535253579990_8237231572709801984_n.jpg

172.67.71.109

200 OK

70 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/97d342b21a3453764fab5c5aeea244bb/5C06807C/t51.2885-15/sh0.08/e35/p640x640/37209331_271535253579990_8237231572709801984_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
70 kB (69994 bytes)
Hash
38fdcb7744aa981e32a7a49dcb381921
21e7a3db584e651f1dd66a6b0ad8f2b41c2d57fa
6d4c6e87f49622979e7c49dacfce24061e4ba2006dfff14f273f71d06ef8d7ae

HTTP Headers

GET /vp/97d342b21a3453764fab5c5aeea244bb/5C06807C/t51.2885-15/sh0.08/e35/p640x640/37209331_271535253579990_8237231572709801984_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 69994
cf-bgj: imgq:100,h2pri
cf-polished: origSize=72315
etag: "429924e8cf2309d638031966bdf50906"
last-modified: Mon, 13 Aug 2018 20:37:13 GMT
x-amz-id-2: adgxr6elSDF9NLOyS80ToYebTst/4o9TWP1BmYeMiowzFiS5stQkJx+8lKAwsgyxn8O98ODyPU4NTesbcXD+GtNWIjr/yIg/i+XkO707iMM=
x-amz-request-id: CMPZVZPB0KRGBGHR
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e2E1FCEn7Dj%2BDuPWSgdf9f%2FsTc0aeq40tBBl7w%2BAvYzHvB0tJhztzPonGraSvBfAP%2FPjrOBO3SLdYR09TUhEggPD5dKscJsoAtGVgLEOw%2Bjx4vIFCm4141c%2F%2FV1jP2ytyXDZ6XBNCwnwqjW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb2c5b56c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/2f8160158eda0eca8325f043f4cd3634/5C13DFCB/t51.2885-15/sh0.08/e35/s640x640/36871107_226007391378743_6759297690812547072_n.jpg

172.67.71.109

200 OK

52 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/2f8160158eda0eca8325f043f4cd3634/5C13DFCB/t51.2885-15/sh0.08/e35/s640x640/36871107_226007391378743_6759297690812547072_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
52 kB (51892 bytes)
Hash
c04b55555ca9f2d3cd03c908f884907c
80636c6ad627f33ef11b92ecc6e8ccee757c0da3
00498b9ad218bc0345a4f07355ca09703f33f1c3dff2b418cc71c1b08e680c6c

HTTP Headers

GET /vp/2f8160158eda0eca8325f043f4cd3634/5C13DFCB/t51.2885-15/sh0.08/e35/s640x640/36871107_226007391378743_6759297690812547072_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 51892
cf-bgj: imgq:100,h2pri
cf-polished: origSize=53614
etag: "5a1de61a91a77b99c573fd9e040aecea"
last-modified: Mon, 13 Aug 2018 20:37:12 GMT
x-amz-id-2: 2ETNPioVULXHL5kdKvwzC8i5GZOEUKFG0+mJyv6czOAFM3vkQEeOy3iHwFyiAwMq2mTe/mX/SXc=
x-amz-request-id: CMPZJYT6820Q6WVR
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5FhN%2FZFAEX6k7DtXuNkPjpZ3o65IJieiRyqCjF3%2Fpf3m0cUZaabWsnRlAaYt0so6%2BgguoB2V9KiJFGFxkXR4VtDLVYzHW%2BqTm3pEpye%2BwUu8%2BkTxesBQK8R6EKNqDAuf5e8FtieWut6FTMm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb2c5e56c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/54549c51b869bcd25b846d86769ed385/5C0F3243/t51.2885-15/sh0.08/e35/p640x640/36550034_2201309523434296_3440090013197402112_n.jpg

172.67.71.109

200 OK

82 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/54549c51b869bcd25b846d86769ed385/5C0F3243/t51.2885-15/sh0.08/e35/p640x640/36550034_2201309523434296_3440090013197402112_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x799, components 3\012- data
Size
82 kB (81782 bytes)
Hash
f79adc1dbc68916ec1b2f72d888c639d
93ad8414b3718a516955bf3f24286562a777dfb4
faa0a579a2167e55c2d3dd219accfdde539376d7f61d255ecd64465e2721794a

HTTP Headers

GET /vp/54549c51b869bcd25b846d86769ed385/5C0F3243/t51.2885-15/sh0.08/e35/p640x640/36550034_2201309523434296_3440090013197402112_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 81782
cf-bgj: imgq:100,h2pri
cf-polished: origSize=84659
etag: "2c1ba3d35c13cf49d27bab797e87de0d"
last-modified: Mon, 13 Aug 2018 20:37:06 GMT
x-amz-id-2: 0KjUcYIjA/lbgy17ZmjHqQSNGUkWzXmYE1jKt+xnpvwDvEZcDIRE9aTWCXyATi59Ne/Ll6/ElnJg9x3X0rrWdT5cE2AsojOWZlGAHI8d6Jk=
x-amz-request-id: CMPVG0MG683BRT9P
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTJyG6zBH1eNX%2FfdFGz%2F32m%2FQH%2BSunCXz3Ga0ydj39IhGRoaQ%2Fr6Uf9iavuGdCadrrKn6Fa4GjSFOyi151cpjND9Cf6rtdZrqNAUi40neXFuBtTOoECbdZilhGIDtAQdh3RmyU7z4%2Bn3n6hu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb3c6456c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/0a2cf818c635303301a3b3427f2bdc43/5B748605/t51.2885-15/sh0.08/e35/p640x640/36913257_282470752329550_7683216478409064448_n.jpg

172.67.71.109

200 OK

56 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/0a2cf818c635303301a3b3427f2bdc43/5B748605/t51.2885-15/sh0.08/e35/p640x640/36913257_282470752329550_7683216478409064448_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
56 kB (56033 bytes)
Hash
4a8a4ab704568e0cac53a41ebb3ab8b8
1134dc76b9667776051a5e5e28298f55f8f36045
e66807b833d057fd0fd2e508cec31128664bbda29384925900b6a8e2299f6373

HTTP Headers

GET /vp/0a2cf818c635303301a3b3427f2bdc43/5B748605/t51.2885-15/sh0.08/e35/p640x640/36913257_282470752329550_7683216478409064448_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 56033
cf-bgj: imgq:100,h2pri
cf-polished: origSize=57974
etag: "77409b067e29b8d1d8de2a195ecd2737"
last-modified: Mon, 13 Aug 2018 20:37:10 GMT
x-amz-id-2: 3gHxlLoqOX9LrtiGnmrmx5I4RN96nE2OKggL5EoGTxWz6lMgxIXUsAjXZp1Lo1BtvwE36FJFz+U=
x-amz-request-id: CMPVQ2EZ41RZJF8Z
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X2bZvxe9nxt%2FMNJ7tOV2YkNAWmaBeSoI1k%2BJ80TEyDQ%2FoSLM4DEtJZgI7ClT%2FXkd5JGeiC16AXDqeozCSul9nRyMo7dd6%2FOfCJy24Jjlzm3pGkPQjKeCRP1naL2az7R2GUs7JDHb2TrtSPM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb3c6056c0-OSL
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/themes/betheme/js/scripts.js?ver=27.2.9.4

162.241.203.111

200 OK

119 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/themes/betheme/js/scripts.js?ver=27.2.9.4
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
gzip compressed data, from Unix\012- data
Size
119 kB (118617 bytes)
Hash
f0fd3fd573c94b7b29446d7087536464
bacd51809f2552a242e8dc428ae0d9b0b5a0df0b
d1d1bcf3cb8f27e3b90e8b4773f2e6acac1126782d16e3d4cd21ba1326f69901

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/scripts.js?ver=27.2.9.4 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 20 Oct 2023 17:23:58 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/063dc4e9c9f6524591b8d037d151de29/5C05DEF4/t51.2885-15/sh0.08/e35/p640x640/37238419_1997686110282247_5507330267515191296_n.jpg

172.67.71.109

200 OK

79 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/063dc4e9c9f6524591b8d037d151de29/5C05DEF4/t51.2885-15/sh0.08/e35/p640x640/37238419_1997686110282247_5507330267515191296_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x799, components 3\012- data
Size
79 kB (79167 bytes)
Hash
bc29d7d1eb250d8a534af0fc5ed764d1
2280aff1b44092a93e70798db46b9009914b08e3
8833dace364c4c5808a925cdd0bfceeabb513ef4b4074090e45807764525e5ad

HTTP Headers

GET /vp/063dc4e9c9f6524591b8d037d151de29/5C05DEF4/t51.2885-15/sh0.08/e35/p640x640/37238419_1997686110282247_5507330267515191296_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 79167
cf-bgj: imgq:100,h2pri
cf-polished: origSize=81655
etag: "0b76b90f775780ea5bc9a6bc9213f394"
last-modified: Mon, 13 Aug 2018 20:37:11 GMT
x-amz-id-2: OYDBQy792xMtU6uqJqb7VlLwRwaI40AreZsPympx7Aht4djGBz+G2XqTsqzIT54XRb92h8yH4lMyAQYOyL3ZO3skaZADvRYxCwySo7UYzYA=
x-amz-request-id: CMPJNBX8GDE4J8EG
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=On7qQJ7IvgXFG%2F5MkiG1xjPRo7NhQTmCdERppm3naq4gnR4t0GHxQ%2FHnSj6XH23Oax7bjsC%2FGEuzBp9IhmWTdovz%2BDu2pywpJB7AR13oyODbX4KKJs2x9rneHJ88xHtjfsq5W857chsQsY78"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb3c5f56c0-OSL
X-Firefox-Spdy: h2

snapwidget.com/stylesheets/embed.scrolling_v2.vendor.min.de57896fa753ba27.css

104.26.8.123

200 OK

65 kB

URL GET HTTP/2
snapwidget.com/stylesheets/embed.scrolling_v2.vendor.min.de57896fa753ba27.css
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (467), with no line terminators
Size
65 kB (64811 bytes)
Hash
de57896fa753ba27940e38c1b2ae1c4c
2e3988c6e802cc5c40b83529da271d7b1ebad9ab
9391f28ab2fa523c00d91f1c2bce0c17d122e7ec1234db6623809d1694d41c80

HTTP Headers

GET /stylesheets/embed.scrolling_v2.vendor.min.de57896fa753ba27.css HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/embed/545561
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:05 GMT
content-type: text/css
cf-bgj: minify
etag: W/"6527900b-1d3"
last-modified: Thu, 12 Oct 2023 06:19:55 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1215571
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aC8nMuiTzpmc97Dcx8lNwnIS2Zaho1Tm51W3Cq%2F2lOJjlh9jMFB3i14quFfkuQJfRKrqVyeUoLZ76P6EIddP8TAN4ALkuGsVernXQXrLgdfWdFH9imPofPDVvxwKgnYL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e70d08b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/4d471ed5a4dbbf9c51af3135c807c35b/5C01AFB6/t51.2885-15/sh0.08/e35/s640x640/36085586_314144799125143_6700290226054496256_n.jpg

172.67.71.109

200 OK

66 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/4d471ed5a4dbbf9c51af3135c807c35b/5C01AFB6/t51.2885-15/sh0.08/e35/s640x640/36085586_314144799125143_6700290226054496256_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
66 kB (66336 bytes)
Hash
c8b602b5c185698074b03dc9beec4792
18dd42c01ed80a4344b80c88053f979d643adfa6
021062348ec65c18d9582067384722f2adce0f5340cf6f1f23cc5a14d2edb263

HTTP Headers

GET /vp/4d471ed5a4dbbf9c51af3135c807c35b/5C01AFB6/t51.2885-15/sh0.08/e35/s640x640/36085586_314144799125143_6700290226054496256_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 66336
cf-bgj: imgq:100,h2pri
cf-polished: origSize=68691
etag: "030df79668b163f741613d4395c973cd"
last-modified: Mon, 13 Aug 2018 20:37:04 GMT
x-amz-id-2: kYOHQi81P8K1IiadKKw7rAXblSAsZ3ATU6IUc4aTo4MF8ybKJG5sXpyhE+QmtOE929kK7vYuuZw=
x-amz-request-id: CMPKQY11CB77X2ST
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Opechkh4S%2FpsKpciCy%2Fd5jZi03ILUodJWWxt7hfqjcSF6jM4il%2FD%2BDAY%2BTfy4hum9uu44A%2FhLoDzTXUosaJnbX8%2BbeAqtRaOysGiuq4s6d%2FFXzRLWliIox%2BucZyaHsKUzA4AUZ0S9vJ7hj%2BH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb3c6656c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/d04971a7704bdc519504da7cd3436dd8/5BF7460E/t51.2885-15/sh0.08/e35/p640x640/34651833_202233827148344_2733931522116550656_n.jpg

172.67.71.109

200 OK

77 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/d04971a7704bdc519504da7cd3436dd8/5BF7460E/t51.2885-15/sh0.08/e35/p640x640/34651833_202233827148344_2733931522116550656_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x800, components 3\012- data
Size
77 kB (76838 bytes)
Hash
19bf7a3ff1eb2e9590540a1dd2ed4ca0
f071a3fadb0fd66c4f94ce7f4d5fe6e71ea391e4
e820a90e82560d8e7cd514860315d17d91a6f0831b60df5710111544cee65c2b

HTTP Headers

GET /vp/d04971a7704bdc519504da7cd3436dd8/5BF7460E/t51.2885-15/sh0.08/e35/p640x640/34651833_202233827148344_2733931522116550656_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 76838
cf-bgj: imgq:100,h2pri
cf-polished: origSize=79525
etag: "9c05dfbe2279db64fc9a9304e9e3142f"
last-modified: Mon, 13 Aug 2018 20:37:04 GMT
x-amz-id-2: ukNgdp/0lXXSvyJzRMiXpgmnRCpKzzLOuUGMrhV6TUEAyIiJ08vGBc6pJMgkPviL0PciWRHVtw8=
x-amz-request-id: CMPTR6B678DRWAR8
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gs052Si9p8ew0SEptQL9y3zRpaRf%2BmQcaaOUVpPWwjiEegMXueLEE0cXxpD3bzg0KZYV%2BSvVyK%2BlSe%2BPEWRZOj6IQXwG%2FQ61Fb7zjoetB1hnbU1AnyeK5mJUUna97GkOYKqes7vvQ4US0Cia"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb3c6556c0-OSL
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/f116ac538c5b64eb9eb832d3d9af8aa4/5C0AB750/t51.2885-15/sh0.08/e35/s640x640/36758107_2067423163518346_8994845026127183872_n.jpg

172.67.71.109

200 OK

54 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/f116ac538c5b64eb9eb832d3d9af8aa4/5C0AB750/t51.2885-15/sh0.08/e35/s640x640/36758107_2067423163518346_8994845026127183872_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
54 kB (53504 bytes)
Hash
e0de297d684a02c28fdc4176f72d2797
39dd061f1c8e20077021f62a038c51a1dc47741e
503a582139bc6f964e84ad006e15df142e63968a1541d972a2974977431ffa25

HTTP Headers

GET /vp/f116ac538c5b64eb9eb832d3d9af8aa4/5C0AB750/t51.2885-15/sh0.08/e35/s640x640/36758107_2067423163518346_8994845026127183872_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 53504
cf-bgj: imgq:100,h2pri
cf-polished: origSize=55181
etag: "aeb6013b12a708b8107706d537826852"
last-modified: Mon, 13 Aug 2018 20:37:12 GMT
x-amz-id-2: EykV60ExxotCpUNbR+cjkZVRr1HHpRO+ajIOmLbizznAlNrj6zMGL+OPFiFzzz9ME04z+sUTJGE=
x-amz-request-id: CMPZ88DPE3814BV0
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnhbgCY4PYX9RnkWm2d7M5%2FZhti5ZCxfCZygDiUaAJCQ6jqH4DNTHEqar26yfgW6VubkYl6sAB0NQnVr6wVvR5Q9r18aCnOVu7pe3ESuWEpeFOwD3s9Y2DNcyGm964krHc13WxtuzRDzfJ5b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb2c5c56c0-OSL
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/revslider/public/assets/assets/loader.gif

162.241.203.111

200 OK

2.5 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
GIF image data, version 89a, 24 x 24\012- data
Size
2.5 kB (2545 bytes)
Hash
4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.18
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 23 Oct 2023 12:10:50 GMT
accept-ranges: bytes
content-length: 2545
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:06 GMT
referrer-policy: 
content-type: image/gif
date: Fri, 08 Dec 2023 06:38:06 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/10/acumputura.png

162.241.203.111

200 OK

5.8 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/10/acumputura.png
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
PNG image data, 373 x 140, 8-bit/color RGBA, non-interlaced\012- data
Size
5.8 kB (5796 bytes)
Hash
d5baf7e992b0dae28ab8648795677e61
19ab023e2822da26003f57a5f8f9edec329741d7
ed842f336d3a1368ec8369aafbcc9cea70f5f8e06df4e79c5852c93fa8c27985

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/10/acumputura.png HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 27 Oct 2017 19:52:55 GMT
accept-ranges: bytes
content-length: 5796
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:07 GMT
referrer-policy: 
content-type: image/png
date: Fri, 08 Dec 2023 06:38:07 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/10/espaco.png

162.241.203.111

200 OK

8.5 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/10/espaco.png
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
PNG image data, 323 x 173, 8-bit/color RGBA, non-interlaced\012- data
Size
8.5 kB (8495 bytes)
Hash
42cb6f472bbf4fac7f021594161d499a
c642e71da1dfd14c691bf1af08cc9418c3c13d2a
556bfa4294f548093985207eda34bf6961b94a145876e6d6df80fa520faaabd6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/10/espaco.png HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 27 Oct 2017 19:43:17 GMT
accept-ranges: bytes
content-length: 8495
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:07 GMT
referrer-policy: 
content-type: image/png
date: Fri, 08 Dec 2023 06:38:07 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/10/banner-principal-home-acumputura.jpg

162.241.203.111

200 OK

44 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/10/banner-principal-home-acumputura.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x750, components 3\012- data
Size
44 kB (43989 bytes)
Hash
34dcf25588c0db5d3c02fc98a2a77f2f
bc498c46064e4d9c8c4bbd04838db71277adfe5c
ee3ea991346c799f1cc4cafef1f56a2c37d759f929e2f764245a6b6c5218a60b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/10/banner-principal-home-acumputura.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 19:02:25 GMT
accept-ranges: bytes
content-length: 43989
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:07 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:07 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/10/banner-principal-home-esaco.jpg

162.241.203.111

200 OK

74 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/10/banner-principal-home-esaco.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x750, components 3\012- data
Size
74 kB (73783 bytes)
Hash
552841c1d73e4fc110f38c49975ad263
e755e85a627f5dee5fcf5a23d20aae97b4e38e19
373aff42044ceed46d6083485091316a698c2cb1b5732cefb7a0ce9c467d7fb8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/10/banner-principal-home-esaco.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 19:01:09 GMT
accept-ranges: bytes
content-length: 73783
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:07 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:07 GMT
server: Apache
X-Firefox-Spdy: h2

snapwidget.com/stylesheets/embed.scrolling.min.5fe7b258a420749d.css

104.26.8.123

200 OK

1.1 kB

URL GET HTTP/2
snapwidget.com/stylesheets/embed.scrolling.min.5fe7b258a420749d.css
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1771), with no line terminators
Size
1.1 kB (1134 bytes)
Hash
5fe7b258a420749da49e285aed7c1ed9
e29bf838ba48c8f8fca194a82e0e50912663bb4d
27af1146ddc33747370995531d946a2868851893a2e9e9e8c8333ea8f759aa80

HTTP Headers

GET /stylesheets/embed.scrolling.min.5fe7b258a420749d.css HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/embed/545561
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:05 GMT
content-type: text/css
cf-bgj: minify
etag: W/"6548a322-6eb"
last-modified: Mon, 06 Nov 2023 08:26:10 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1398679
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZi71FeNyqaCna6vjyqyi2pf0NZk1lz4KDO7mLJNfTdxOKP6ArJckHUmPNSm0cfqtkHGFZm%2BiaWk%2BCdCjjMbfevvutr4z1JbHAsOVFx576ESP6DtDG08I4EpkFz989BA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e71d0cb529-OSL
content-encoding: br
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-01-19-16-42-22.chain; p384ecdsa=O3by82tyaBgl19bdCYf_aNQCPtHXYbwKrK1xbgO1FtoJCFmj5DRZppLkDL63XMY_BtulUbNLENaPOSCsxCZKvr746cZvkcxGdFdvH8D0bYwJZZJKSE9gHTZ0kD1mk1L7
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
content-length: 444
date: Fri, 08 Dec 2023 06:37:04 GMT
age: 76
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

62.115.252.115

512 kB

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.115:0
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

HTTP Headers

GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Last-Modified: Thu, 16 Nov 2023 07:38:15 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1700120294.87662
Content-Type: application/zip
X-Trans-Id: tx15b69f172b404fa58b2bb-006555fb11dfw1
Cache-Control: public, max-age=128037
Expires: Sat, 09 Dec 2023 18:12:17 GMT
Date: Fri, 08 Dec 2023 06:38:20 GMT
Connection: keep-alive

snapwidget.com/cdn-cgi/rum?

104.26.8.123

204 No Content

0 B

URL POST HTTP/2
snapwidget.com/cdn-cgi/rum?
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 444
Origin: https://snapwidget.com
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/embed/545561
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/2 204 No Content
date: Fri, 08 Dec 2023 06:38:21 GMT
access-control-allow-origin: https://snapwidget.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 832301457e13b51e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

snapwidget.com/node_modules/jquery/dist/jquery.min.js

104.26.8.123

200 OK

84 kB

URL GET HTTP/2
snapwidget.com/node_modules/jquery/dist/jquery.min.js
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32025)
Size
84 kB (84380 bytes)
Hash
4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

HTTP Headers

GET /node_modules/jquery/dist/jquery.min.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/embed/545561
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Oct 2021 09:59:11 GMT
vary: Accept-Encoding
etag: W/"61728b6f-1499c"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 201
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cRXb8IiJ8OgGDTiRtkHtcT%2Bztq20m5oBUpaa9aj7QvDqMb8z%2FxVkASyLejm%2FKEbA02954G12YZkM%2FwxMSOZIjxpjeaXOZbg7xX3VyW1O%2Bv5yrTH3NLa4zp9mbDkqgsy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e72d13b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/ecebc84828788c8a960d8b7fa1cc9de4/5C0FD249/t51.2885-15/sh0.08/e35/s640x640/37809640_295076231248148_4642397323811356672_n.jpg

172.67.71.109

200 OK

82 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/ecebc84828788c8a960d8b7fa1cc9de4/5C0FD249/t51.2885-15/sh0.08/e35/s640x640/37809640_295076231248148_4642397323811356672_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
82 kB (81471 bytes)
Hash
9ec0e5f1948616e10b59847a78f9f94b
8fb4812e142ccb84e4e8781c2ce50498dcdc948f
c088a9c6504fc1c18feb8e59c6266c7d0fa97875625b07ddfa5d1aa9c19ce56c

HTTP Headers

GET /vp/ecebc84828788c8a960d8b7fa1cc9de4/5C0FD249/t51.2885-15/sh0.08/e35/s640x640/37809640_295076231248148_4642397323811356672_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 81471
cf-bgj: imgq:100,h2pri
cf-polished: origSize=84272
etag: "eaa828f72c9b6ed16f0d9cb27ce28161"
last-modified: Mon, 13 Aug 2018 20:37:26 GMT
x-amz-id-2: bBkCth4wfvc83DTj39YrJzGATtWOnt57lMPtqyCQOMiV5oVXc+8PAY3VJhZwTyqxS9mFAgbGpCQ=
x-amz-request-id: CMPK3C6E08J5CJAJ
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FzEbFgtiVqMYb25OmOioRe1EjPtS%2FvPxX6yg7TRcxq8ro8gcRwkpe2WFobBlbYOlP7HLjVE7gSX%2Fe6J8OAYnNyDBJCMq6EIOXWRKi64kdWmnCwfesX3FKxArq9BCGY6T6Afve8gxEVoYoft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6bf156c0-OSL
X-Firefox-Spdy: h2

snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css

104.26.8.123

200 OK

16 kB

URL GET HTTP/2
snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (15866)
Size
16 kB (15950 bytes)
Hash
2dde25ae2dcd93aafc9d078521f3ba61
57ba16df2a114ed5cab1a66b501f5a0cc83d9058
c8988d47e2ab355eeeaec4a43d412c4eb81015fe23c57292cca36dc57716a398

HTTP Headers

GET /stylesheets/embed.style.min.307799cd3bc5b2ee.css HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/embed/545561
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=15975
etag: W/"6548a323-3e67"
last-modified: Mon, 06 Nov 2023 08:26:11 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1293044
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzbq4mBQpez7F6Mc0s4Iy475TZs01Ie5KRMF4R%2FvWnD6qImmAoXfBI2UA9h%2BJS7huppXm9yOoeUb%2Bbqp6%2BLtTThngO3Z%2F9dwTHguclrBsUIotO5l01mqKVDts0RHLZiL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e70d0ab529-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-E8WQDE3S74

142.250.74.168

200 OK

274 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-E8WQDE3S74
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
274 kB (274521 bytes)
Hash
51581ade28ef8bdb24eeb958f45ac62d
e4e4f31a5813f45d924a796d7ea03d8dcb9f2a96
f2082699c1773631234afb53a9cff6888cd1ce9a4cdd7a7106eae07c88d12cf5

HTTP Headers

GET /gtag/js?id=G-E8WQDE3S74 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 06:38:06 GMT
expires: Fri, 08 Dec 2023 06:38:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

snapwidget.com/images/post_type_icons.png

104.26.8.123

200 OK

2.3 kB

URL GET HTTP/2
snapwidget.com/images/post_type_icons.png
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2288 bytes)
Hash
b1be0c2f033b57b3163449e354d56c58
c85bc26ee45b104a8426e86d735ba37e1f2b233c
367635abeaa40ce11827271d48fd0ae5fa723bd00c398af5d1b8c8f6aa56d479

HTTP Headers

GET /images/post_type_icons.png HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/webp
content-length: 2288
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2778
content-disposition: inline; filename="post_type_icons.webp"
vary: Accept
etag: "655847d6-ada"
last-modified: Sat, 18 Nov 2023 05:12:54 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1307716
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIsP9Vd9S6BJU%2FYWryT8%2BQo%2FXYFTRJV8nP7SqS1CqRU7Z%2FDi7pxgJrf1emOSMnjlLv03thnupgNrZXILP5LXFDpBfyqSOlJKcTJGRQOBakFjHcc2%2Bj0i7LLKkegd0Kyg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e84dc0b529-OSL
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.18

162.241.203.111

200 OK

165 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.18
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (45047)
Size
165 kB (165339 bytes)
Hash
0a7176e860c4303f557950b75fb8a898
c292eb1b902ed06fccd65a684d6b311e1290caa9
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.18 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 23 Oct 2023 12:10:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/revslider/public/assets/css/openhand.cur

162.241.203.111

200 OK

326 B

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/revslider/public/assets/css/openhand.cur
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x5\012- data
Size
326 B (326 bytes)
Hash
b06c243f534d9c5461d16528156cd5a8
bb22807a7c23dae7d007673b407850438856bbfa
080627fa359156339e79f118fa66a6937f09ff679fe87e8afa473b95c8168d35

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/openhand.cur HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.18
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 23 Oct 2023 12:10:50 GMT
accept-ranges: bytes
content-length: 326
referrer-policy: 
date: Fri, 08 Dec 2023 06:38:06 GMT
server: Apache
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/e7c1a92d08e6e9d3a52850d7cda827a4/5C078104/t51.2885-15/sh0.08/e35/s640x640/36476350_671470233217410_6225408624282304512_n.jpg

172.67.71.109

200 OK

75 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/e7c1a92d08e6e9d3a52850d7cda827a4/5C078104/t51.2885-15/sh0.08/e35/s640x640/36476350_671470233217410_6225408624282304512_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
75 kB (75081 bytes)
Hash
0274e7f0021d7de858b858ca98afbc7e
a2abe34028b66705c7c213c253378c8f8f0b8525
8545c7bfda25d6cbaa7870c111392139d1aa1f002e245600d27d5ac26b9ff174

HTTP Headers

GET /vp/e7c1a92d08e6e9d3a52850d7cda827a4/5C078104/t51.2885-15/sh0.08/e35/s640x640/36476350_671470233217410_6225408624282304512_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 75081
cf-bgj: imgq:100,h2pri
cf-polished: origSize=77633
etag: "211b1ca7fbb07261eb420fce21c21b09"
last-modified: Mon, 13 Aug 2018 20:37:08 GMT
x-amz-id-2: m7Pc4BWuhbfYQrDjCBIcZPQ0vZo+LlCa1+UBhY9NsNkeYkNl9EXcRvyoyp9N/wWMuxgA1FxHg3Y=
x-amz-request-id: CMPPA1RPSAEYPQEK
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRmIo8G4QRaGAf5vYwHAeys3KpPQ6qPB3sI02ZqvTIsuq7ZZnjUBkghEmYRNg%2F%2BoVrjlO8L1X%2FzRbhONkORfm9XdXlI4G2x6OwwHm9EvPVEf1C60zE16jMZPoOywAbCWh0R4%2BNPMjADJN3E8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb3c6256c0-OSL
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2017/03/galeria-de-sonhos-home-02.jpg

162.241.203.111

200 OK

30 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2017/03/galeria-de-sonhos-home-02.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x650, components 3\012- data
Size
30 kB (29907 bytes)
Hash
f19c8941d770d30c73c3b21c8c883a79
974ded26d9950304ad030a8be045232e8573a8ca
4af9023d30dc7d6a0e2ced9ef0a27cbdb829be3741bee00f0dc5224da97489e7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/03/galeria-de-sonhos-home-02.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 18:56:50 GMT
accept-ranges: bytes
content-length: 29907
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Convergence:400&display=swap

142.250.74.106

200 OK

808 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Convergence:400&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://saudesomnis.com.br/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (826), with no line terminators
Size
808 B (808 bytes)
Hash
4fa54d17a109f0eb1341dd81133505ed
9c9565b166b71a75fe271361042a7ed194edd112
cfe6ef7f1970173ba91e7c980445a9802de9b50cddbd518c9a8350dab00a24cd

HTTP Headers

GET /css?family=Convergence:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 06:38:05 GMT
date: Fri, 08 Dec 2023 06:38:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.18

162.241.203.111

200 OK

410 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.18
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
410 kB (410153 bytes)
Hash
0e4ee1e57cfb5ed34b74d82e847ce797
a9358089dd645dfb6fb3e060bdf50c26c160d5fa
44350f3c434ddd70b17e6b0f49398c24efa091ab58e1ab12700acd15962f4374

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.18 HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 23 Oct 2023 12:10:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
content-encoding: gzip
referrer-policy: 
content-type: application/x-javascript
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/33480e08ec314a9f9e0f0fe10ab64303/5C0AC0FC/t51.2885-15/sh0.08/e35/s640x640/36643394_1113692865450013_3815590852038754304_n.jpg

172.67.71.109

200 OK

65 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/33480e08ec314a9f9e0f0fe10ab64303/5C0AC0FC/t51.2885-15/sh0.08/e35/s640x640/36643394_1113692865450013_3815590852038754304_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x480, components 3\012- data
Size
65 kB (64639 bytes)
Hash
2f0454676e2a09ee75cc80b8a9af9559
12873af87f4389ce91694209bf05fc67c839d895
449a6ff5157d22e7100b18e01a5a04aaa40e812c62ab413e64f2dac4d6d334bf

HTTP Headers

GET /vp/33480e08ec314a9f9e0f0fe10ab64303/5C0AC0FC/t51.2885-15/sh0.08/e35/s640x640/36643394_1113692865450013_3815590852038754304_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 64639
cf-bgj: imgq:100,h2pri
cf-polished: origSize=67070
etag: "fa59359487742508d8b688d626c253e6"
last-modified: Mon, 13 Aug 2018 20:37:07 GMT
x-amz-id-2: Ru3sRY1/9DdfwYALwkJKRuwRawjxR0SHsb48mz0KS4psiKzd7WnYguXK/y+p8qALCaAGowd4RNY=
x-amz-request-id: CMPSMM9JFX82MH09
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23Nm3QgE0kx4Y6vaQRJQsnPR4aZ9VPfGNw6R1CwOhhIP5rhsMj6o%2B1R14hVXlkXqMVedA2mEhkiI%2F5%2BEUGvw0WyA%2BSAWyKl5I4YoQG2tnoAkUMKKcJGKphNVwxn1qfUqPRayEYCoIwe7c%2B1k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300eb3c6356c0-OSL
X-Firefox-Spdy: h2

saudesomnis.com.br/wp-content/uploads/2018/09/servicos-somnis-img-acupuntura-min.jpg

162.241.203.111

200 OK

21 kB

URL GET HTTP/2
saudesomnis.com.br/wp-content/uploads/2018/09/servicos-somnis-img-acupuntura-min.jpg
IP
162.241.203.111:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://saudesomnis.com.br/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.saudesomnis.com.br
Fingerprint63:FF:FD:A4:FE:D0:16:2A:5D:77:AD:5F:91:FD:54:1C:64:92:BE:40
ValiditySat, 28 Oct 2023 05:05:16 GMT - Fri, 26 Jan 2024 05:05:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x500, components 3\012- data
Size
21 kB (21275 bytes)
Hash
e955853756db212188c54a05c5726317
da8a21417e7c2671a5cc6850b603056b6cda8965
b3b99d8e4e4542ba2b8f2b603736fe05703c5fab11d94cac45be34da272a1156

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/09/servicos-somnis-img-acupuntura-min.jpg HTTP/1.1
Host: saudesomnis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://saudesomnis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 18 Sep 2018 18:05:44 GMT
accept-ranges: bytes
content-length: 21275
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 06:38:05 GMT
referrer-policy: 
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:05 GMT
server: Apache
X-Firefox-Spdy: h2

snapwidget.com/stylesheets/embed.vendor.min.760717b3f565c387.css

104.26.8.123

200 OK

2.4 kB

URL GET HTTP/2
snapwidget.com/stylesheets/embed.vendor.min.760717b3f565c387.css
IP
104.26.8.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint78:E0:FD:2B:4A:C5:B2:F0:9C:D0:38:C6:72:30:05:48:B5:67:12:C6
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2484), with no line terminators
Size
2.4 kB (2359 bytes)
Hash
75a38a055623b60e6959b6e8b50755e1
f8f2b1b3fee71eed35643e2d0d7c3806ca7eb793
dd3e3cbc54e073bb29820decc101414f409cc0fe11f434323609d186c781a4c9

HTTP Headers

GET /stylesheets/embed.vendor.min.760717b3f565c387.css HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/embed/545561
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:05 GMT
content-type: text/css
cf-bgj: minify
etag: W/"65279040-937"
last-modified: Thu, 12 Oct 2023 06:20:48 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 872362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWbAF7FVlz0lFdc6ADxkAhxVy8ixLQptnt1JxNtvp5sa0mJdqWhoruKsVhVS9ffdXaUC7%2BbHBpIOhVVGdriStUTDKFwkIDyLymc5WQQAmbctJk%2BgV1RXe5%2FH10xGMKut"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 832300e70d07b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

scontent.cdnsnapwidget.com/vp/dfd696600080fa9e45a345648f7ceeb1/5BED91EF/t51.2885-15/sh0.08/e35/s640x640/37606936_215640109106735_5271519099627765760_n.jpg

172.67.71.109

200 OK

62 kB

URL GET HTTP/2
scontent.cdnsnapwidget.com/vp/dfd696600080fa9e45a345648f7ceeb1/5BED91EF/t51.2885-15/sh0.08/e35/s640x640/37606936_215640109106735_5271519099627765760_n.jpg
IP
172.67.71.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://snapwidget.com/embed/545561
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:ED:B7:0F:DE:AB:F2:E3:56:D3:52:A3:72:1E:EF:A1:52:6F:6B:61
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Size
62 kB (61944 bytes)
Hash
f102f2fbac99d2c63ebbe76bea8ad4ba
e063287f7d938ae514f2f148f7ba39227c7bf9b5
eaa426056eb531485d4519354094054c47eddd2da95b1e68b0c60b769ff77002

HTTP Headers

GET /vp/dfd696600080fa9e45a345648f7ceeb1/5BED91EF/t51.2885-15/sh0.08/e35/s640x640/37606936_215640109106735_5271519099627765760_n.jpg HTTP/1.1
Host: scontent.cdnsnapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 06:38:06 GMT
content-type: image/jpeg
content-length: 61944
cf-bgj: imgq:100,h2pri
cf-polished: origSize=63985
etag: "2b7f4f06b77b968a8cdedbc258a68245"
last-modified: Mon, 13 Aug 2018 20:37:31 GMT
x-amz-id-2: 4F4yFk2KpTcA0MZ1TcvrmLkf2UgWQ51Cdw0QZ/APSRy6nTZs3pcjaWnswwdGVhgPMex1z41ao/4=
x-amz-request-id: CMPPBWE9BX09B4K9
cache-control: max-age=86400
cf-cache-status: HIT
age: 69882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHP53kdWDwCcs0y798KT9K%2FhfvXShbge1cBzDj4iY25zrxya16beA9u4QnuDBMgBN7SLkbpBVFZQ%2B11%2BkbsyGzOMsHvVP9ByFDm3j9L3jSd%2F3CTsfDj6Ok%2F9wwEpDHUKypfdZHe1fzw4MIUS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832300ea6beb56c0-OSL
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by