firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 03:11:12 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -2lLIL0wDMSnnUO3Q0t2Ky6loTbRfImtneML7GMm6Wa9rJyYx6NOIQ==
Age: 1825
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 96daaf84cd2c07756756caf7a2724a29
d24d47c68eec98d44bf341dab9d893df97103e1a
fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7214
Expires: Sat, 17 Sep 2022 05:41:51 GMT
Date: Sat, 17 Sep 2022 03:41:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate; ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fGfOEdMn7hH3Ea60sfvPb44PDSNgkccKaP6pO3yieFNFcS1CUkumLw==
age: 83182
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 03:41:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
192.185.223.116 200 OK 43 kB URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, exported SGML document, ASCII text, with very long lines (38668)
Hash e457a879039020204071cf37f756ca50
1514168c1b083788c95cd0012c6a3d877c8c6af8
6795c882dc04c286d0d6f52e401774c7ffa684672ac26cefd16890da98d5df81
Analyzer verdict: Alert — openphish: phishing page targeting Alaska USA Federal Credit Union (the page pulls its CSS and JS from www.alaskausa.org while being served from primegestaoempresarial.com over plain HTTP)
GET /trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session= HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 03:41:37 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=7200
Expires: Sat, 17 Sep 2022 05:41:37 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 03:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 04:03:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Hbk-x9wqfySz7raLDl7pi0A45wqSqk9AAVIzD2Lt10JH8wOmB0rFRQ==
Age: 2296
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a0273c3a6408aac9556a8193c7960ffa
7782e7f0c524f4e2d793733d50d4c145ec307ee9
b7179dae51c5119d90b0f1df67d74ce1109a934b220139b11314b8a4cb4e6165
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 424
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 03:41:38 GMT
Last-Modified: Sat, 17 Sep 2022 03:34:34 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a0273c3a6408aac9556a8193c7960ffa
7782e7f0c524f4e2d793733d50d4c145ec307ee9
b7179dae51c5119d90b0f1df67d74ce1109a934b220139b11314b8a4cb4e6165
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: ECS (amb/6B98)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6160
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 03:41:38 GMT
Last-Modified: Sat, 17 Sep 2022 01:58:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.alaskausa.org/css/akusa-express.css
107.162.171.161 200 OK 4.6 kB URL HTTP/1.1 www.alaskausa.org/css/akusa-express.css
IP 107.162.171.161:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 825350f09acb37cf5ec0cac6016f5c8d
253d99cb60408d7f60734dcaf60abe848b4281c9
4afa21fd07b5e1574b4637b41e29ae2e93176e941d172c1476ca7fa947f7834e
GET /css/akusa-express.css HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Fri, 16 Sep 2022 21:12:56 GMT
Accept-Ranges: bytes
ETag: "21f7541711cad81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:37 GMT
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
push.services.mozilla.com/
34.213.92.18 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.92.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hMuNnrzrswpAKNiQMqJD7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LECVo87FasArJ41S0rGkiiiMDek=
www.alaskausa.org/js/jsSuite-1.8.js
107.162.171.161 302 Object moved 296 B URL HTTP/1.1 www.alaskausa.org/js/jsSuite-1.8.js
IP 107.162.171.161:0
File type HTML document, ASCII text
Hash 33dc966734cea833f261863e35b1f2f3
b1c3e2ea6431645131178005d1eb1677c40cf4e5
21ec73760050529f53f914ef8194651a4c2de4411e4bc36be410947bd3a26dbc
GET /js/jsSuite-1.8.js HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Object moved
Cache-Control: private
Content-Type: text/html
Location: /pageUnavailable.asp?status=missing
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:38 GMT
Via: 1.1 dca1-bit12005
Set-Cookie: ASPSESSIONIDAEGRCQDS=MNABONECGCLLPBDEHGKAPCKI; secure; path=/
TS01682a2f=01ae8fb0275a11ed61cf6157f1df6a7864ae3706b5f2406b71b730768c7d487af2e215ff846b3c043058207aee12c8f9a9e410e703c4b2f936becc102b9158b08ac464441e; Path=/; Secure; HTTPOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
192.185.223.116 301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js
192.185.223.116 301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer verdict: Alert — fortinet: Phishing
GET /trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:37 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/enroll/ScriptLib/md5.js
192.185.223.116 301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/enroll/ScriptLib/md5.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer verdict: Alert — fortinet: Phishing
GET /enroll/ScriptLib/md5.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/enroll/ScriptLib/md5.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.alaskausa.org/angelfish.js
107.162.171.161 200 OK 8.7 kB URL HTTP/1.1 www.alaskausa.org/angelfish.js
IP 107.162.171.161:0
File type ASCII text, with very long lines (826)
Hash 23acb6d2cd2e079bfe986f0761b957d5
bb1cf7660324be47645c3e239b6fa51faa7421ea
ad8da576b2060355b1ed4f753cb2a19ee37bba690f9fff2442a2654e55f235eb
GET /angelfish.js HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 16 Sep 2022 21:12:55 GMT
Accept-Ranges: bytes
ETag: "3810b01611cad81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:38 GMT
Content-Length: 8704
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: Keep-Alive
www.alaskausa.org/pageUnavailable.asp?status=missing
107.162.171.161 200 13 kB URL HTTP/1.1 www.alaskausa.org/pageUnavailable.asp?status=missing
IP 107.162.171.161:0
File type HTML document, exported SGML document, Unicode text, UTF-8 text, with very long lines (675), with CRLF, LF line terminators
Hash c85abc6c8e48a5f1eb85fd5e36528945
f859b9f34f10882fc1cd668daa4e894b0fd19272
8f7379b32f0bac46a36a9230a326a70dabacf03cb881d903bfa2c938e2368079
GET /pageUnavailable.asp?status=missing HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Cache-Control: private
Content-Type: text/html
Set-Cookie: ss=c; expires=Mon, 17-Oct-2022 03:41:38 GMT; path=/
lst=1062363519; expires=Sat, 17-Sep-2022 03:56:38 GMT; domain=.alaskausa.org; path=/; secure
ASPSESSIONIDCWCRDRQA=EGBDLIJCODPJLDOKEACLKDAL; secure; path=/; HttpOnly
TS01682a2f=01ae8fb027bd7ee25b6dc37e49590e080bec05705e225715d3389bda5b19736493a4460be37d2d84e8a9399a699681f587784ea8514179cdee10296c1454a14d7e0b15ded82bf982b236bd0b25f4c51f226728ec8b; Path=/; Secure; HTTPOnly
TS013395ac=01ae8fb027ca3357cc3cd1570a4cb174c7c3c02a4d225715d3389bda5b19736493a4460be320a44d8be6b8758e8bd9c3335d9ac18f56eaef60ff14806be67dfe0c5bf03454; path=/; domain=.alaskausa.org; HTTPonly; Secure
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:38 GMT
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.alaskausa.org/js/jquery-1.11.3.min.js
107.162.171.161 200 OK 46 kB URL HTTP/1.1 www.alaskausa.org/js/jquery-1.11.3.min.js
IP 107.162.171.161:0
File type ASCII text, with very long lines (32038)
Hash cf54b56dbd2adb27eb44fe6defb747e6
78e81335c5c317f9d56877d2f011a74a50910dd8
9256346dc8067ab6665a68fe1590b676d13f8ecd353fa2676ec372a2f3338a94
GET /js/jquery-1.11.3.min.js HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 16 Sep 2022 21:13:57 GMT
Accept-Ranges: bytes
ETag: "8cda33c11cad81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:37 GMT
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a
192.185.223.116 301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
192.185.223.116 301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44 HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
192.185.223.116 301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/AriaLib.js
192.185.223.116 301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/AriaLib.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer verdict: Alert — fortinet: Phishing
GET /trade/alaska/alaskausa/ScriptLib/AriaLib.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/AriaLib.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3351
Expires: Sat, 17 Sep 2022 04:37:30 GMT
Date: Sat, 17 Sep 2022 03:41:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3351
Expires: Sat, 17 Sep 2022 04:37:30 GMT
Date: Sat, 17 Sep 2022 03:41:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3351
Expires: Sat, 17 Sep 2022 04:37:30 GMT
Date: Sat, 17 Sep 2022 03:41:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 65YRttsQYzjUMMZXrtAFPdgTPNQuRGnLFliXrcoc24iQgrdBCHolNQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:31:11 GMT
age: 18628
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CIWYkrbRUTWVmy3JC5GbpBN1i30fwtYqGDyoA9ehbPANY7gw7al9ow==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 00:42:42 GMT
age: 10737
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1024748-f90f-4a93-b16b-b8f8110102f2.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1024748-f90f-4a93-b16b-b8f8110102f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2182aefe8078f268f77064b982353421
b66a3b8245ed597751c5c17b63f45273ccacb3d4
bd0549ca87a0fb119e68cfd71d50118e3075cc8e99bcaa83761a9ab0c93ee2ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1024748-f90f-4a93-b16b-b8f8110102f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8892
x-amzn-requestid: 683b4d8c-3704-4db5-837c-8d27302173a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmxsHrToAMFo4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d51a4-6e53a23464675f511588380b;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:10:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9TTQPBF7pLROmkjS2laYeheFccAiDgmhrShlpETqR20R6RTs4u5oRA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:01:51 GMT
age: 20388
etag: "b66a3b8245ed597751c5c17b63f45273ccacb3d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e8614f-d7d5-4a87-adf0-ab2cfcfb023b.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e8614f-d7d5-4a87-adf0-ab2cfcfb023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e963daffb462e89d9d67e6193944cc3
ff29c630c2ed8a67fe5cd4622dc9f1d23234b58c
cc24af0aedb89ab059b6706b8e51708547ea2ce2b2c2743425810b44af7c68c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e8614f-d7d5-4a87-adf0-ab2cfcfb023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5956
x-amzn-requestid: 19032fea-67c3-404f-bf3e-9b436a61a7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeNW4G30oAMFw0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63225c2b-3da099be3781af033658520f;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:56:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iITasHJYVP9sMCE7074VGGXwzKVd-0VdZqWYFuKPSt3G91Tq2vWExA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 23:32:44 GMT
age: 14935
etag: "ff29c630c2ed8a67fe5cd4622dc9f1d23234b58c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69ca046c-b383-4d64-aef3-fafc193a3eed.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69ca046c-b383-4d64-aef3-fafc193a3eed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 20b6a1689323aa27849ac54176654806
08017e213e903a82b82317bac58ae50383a87123
d3c8c0bcab34e2c113d560b8d3c60c182a8a795d6b69eee9755fde06fa288f46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69ca046c-b383-4d64-aef3-fafc193a3eed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8096
x-amzn-requestid: ba1d77b6-b3e9-4b0e-804e-3462aa4eb258
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3x-zEh6oAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd2b-683db646266230d41e6209e7;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:07:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _wSEyhnzLHyvJAKLMVh4i2CDG6R9usxvEkLC5RFf_WV7iryHb9QrDg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 04:17:08 GMT
age: 84271
etag: "08017e213e903a82b82317bac58ae50383a87123"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d46a910081eb782408f1a2fa3c6aabba
28ac45ef155c66dd79a306f14d3b38f597b6a32e
d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ykn5cEnLIAMFrzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BaRpWB_XOMxTJPufnSjd4KSfecRwLe9U5W7uEoXy7pgAa4KSC0n7eg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:03:28 GMT
age: 20291
etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/DotNetScripts_v4.js
192.185.223.116301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/DotNetScripts_v4.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /trade/alaska/alaskausa/ScriptLib/DotNetScripts_v4.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/DotNetScripts_v4.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a
192.185.223.116301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
192.185.223.116301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:39 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/enroll/ScriptLib/md5.js
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/enroll/ScriptLib/md5.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 452a3fad1cfb4adca6580972c3acdeb6
948842e2db4228e712adc99340aa6061d6ab3d1d
8232450178e9139f55d87c110a0157c38b239a23b9f19f690f175e1cf0547c41
Analyzer Verdict Alert fortinet Phishing
GET /enroll/ScriptLib/md5.js HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 6ad5473b2f1b374be6c38edefbd2f4ee
6f6e43fbb1fc913a4fb6d38662f94ef62bc3da97
88b302de68f245371498abb1c743e2e0a05164e83df193884c80cdf3281cb1b8
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 2333d5269b6e523e00fb27fade035b1b
8cbdb410307e4270e8e2e54dfa7ed4923f4d48bd
27c01064d4476d8ee08f19f7085c0eef168bbba6a38181585c9bdb2fecdaf412
Analyzer Verdict Alert fortinet Phishing
GET /trade/alaska/alaskausa/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:38 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.alaskausa.org/js/jsSuite-1.8.js
107.162.171.161302 Object moved 296 B URL HTTP/1.1 www.alaskausa.org/js/jsSuite-1.8.js
IP 107.162.171.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 33dc966734cea833f261863e35b1f2f3
b1c3e2ea6431645131178005d1eb1677c40cf4e5
21ec73760050529f53f914ef8194651a4c2de4411e4bc36be410947bd3a26dbc
GET /js/jsSuite-1.8.js HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Object moved
Cache-Control: private
Content-Type: text/html
Location: /pageUnavailable.asp?status=missing
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:41 GMT
Via: 1.1 dca1-bit12005
Set-Cookie: ASPSESSIONIDSGUCAAQA=MOGCJKGCEHICPFDCMKBLAHAC; secure; path=/
TS01682a2f=01ae8fb027740f68c2dd3d12c9100af105c21ae58a00f5c08eb140bb0133955c20e41770dfc858e6eb3206f5e2fa62893c075d28ecaa7fb3807e9479e2be6873cba3790a0f; Path=/; Secure; HTTPOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.alaskausa.org/pageUnavailable.asp?status=missing
107.162.171.161200 13 kB URL HTTP/1.1 www.alaskausa.org/pageUnavailable.asp?status=missing
IP 107.162.171.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (675), with CRLF, LF line terminators
Hash c85abc6c8e48a5f1eb85fd5e36528945
f859b9f34f10882fc1cd668daa4e894b0fd19272
8f7379b32f0bac46a36a9230a326a70dabacf03cb881d903bfa2c938e2368079
GET /pageUnavailable.asp?status=missing HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Cache-Control: private
Content-Type: text/html
Set-Cookie: ss=c; expires=Mon, 17-Oct-2022 03:41:40 GMT; path=/
lst=1444110719; expires=Sat, 17-Sep-2022 03:56:40 GMT; domain=.alaskausa.org; path=/; secure
ASPSESSIONIDSGUCAAQA=OOGCJKGCBKPOFPOKLHGELGKI; secure; path=/; HttpOnly
TS01682a2f=01ae8fb027573f50092214203bafc293eb520da3f9ece387e904c320d8473f564cdcdb26dfc242f52d7210fb0ec5be2456c5b928930f8eaaf7c208f9339a6a224b4aea7d77fa2c7bdf5f4cdf5cc851a71632c2643c; Path=/; Secure; HTTPOnly
TS013395ac=01ae8fb027c0d29cf5f2a828694e3ee6b2eac6d6b0ece387e904c320d8473f564cdcdb26df531ab0263737b3999ad6ffe8565e7ca94b4420f888590c614e226bd8e5732fd9; path=/; domain=.alaskausa.org; HTTPonly; Secure
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:41 GMT
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.primegestaoempresarial.com/trade/alaska/alaskausa/Scripts/jquery-1.10.2.js
192.185.223.116301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/Scripts/jquery-1.10.2.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /trade/alaska/alaskausa/Scripts/jquery-1.10.2.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:39 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/Scripts/jquery-1.10.2.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_UtilityStyles_v4.css
192.185.223.116301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_UtilityStyles_v4.css
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/_UtilityStyles_v4.css HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:39 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_UtilityStyles_v4.css
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
192.185.223.116301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:41 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/DotNetScripts_v4.js
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/DotNetScripts_v4.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash b11ba468954351bc2df4f3396376d460
4874c0c5ae5f07933f5e73555705ebd90dc563b8
a6468cba8b0212b0867daa0109a80769b831eae351fdf6266142faab414984f3
Analyzer Verdict Alert fortinet Phishing
GET /trade/alaska/alaskausa/ScriptLib/DotNetScripts_v4.js HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:40 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash d6370f8ed9d204999c8d539d1e95d4f4
e925af462ef1bb97fd7c1fea1846a1bc7d8fefa2
4a9c12606084c074ed024aabb86bf5ebadff3f55260b0f462e5fc01215b1f6aa
GET /enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:39 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash dc67df468fed034a0fbaa8fa62fc9260
cd5157903fad62e534dc20365c070ed2be3476a1
29f1e3aebaa00d5399e52282fdb947cfd27a73e369cc7f12935f210aaafe0409
GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:39 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 62eec9d8e7a7250ae8b48257c03fe7a7
e79a70938956597654ff16da2a72339211d9993a
80868520612c83db005544d1cf0589407047356bca80c2dc1829a2aae3305860
GET /enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:39 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/AriaLib.js
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/trade/alaska/alaskausa/ScriptLib/AriaLib.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 79c4c858a5f6ffa77a1c6cffc56a215c
22cb442d70c4d654238560570914da3ac8628865
f2601c42836b4e3d661870c54d5fe13ce1b99bee86d5f8c278cd2fab1ad192c5
Analyzer Verdict Alert fortinet Phishing
GET /trade/alaska/alaskausa/ScriptLib/AriaLib.js HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:40 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash c41b2c47dcbe8693378379c33d0e54eb
6b8fd5bce195af50ad0776af7ac2fd7ee584b4a4
0beadeaf635ba26f4acd9b5ee5a8e8f73fc650120948b6d612e225a12d220150
GET /enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:40 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 552d49fea33a887007332d1246104faa
c6bfa20a44b0f8b3d140b170ea6b7c3f11744f9f
02358ccc5969ee3c429e368236e691a645df2a1a4081d93354222f5b2c2d0353
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:41 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 4c74567754c8872514b1e3e1f40d9e8e
e22592c85268b8f54a19a611f694652295fab04f
f4003f8a1e8fa13002f885856274b8fbb35679ef9d87ecce52f9e0098bfdb689
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:41 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/trade/alaska/alaskausa/Scripts/jquery-1.10.2.js
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/trade/alaska/alaskausa/Scripts/jquery-1.10.2.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash db2182ffa74bb96d23ab8696a8ffd7cd
04d01b8800e3058610473f0ee852b3e3d9c13fc3
ba7ee53dcb00d73fcc2d6708ab057d3b2a4b4545317f618a19b54c1c77f088a1
Analyzer Verdict Alert fortinet Phishing
GET /trade/alaska/alaskausa/Scripts/jquery-1.10.2.js HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:41 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_UtilityStyles_v4.css
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/_UtilityStyles_v4.css
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash e7d69bf37b23767d1fa490ba422d31a0
4d2208ca388eea0d40b5feca1adfcc4c25db3691
a7bae15c4abaf00f10e9ff4eb1faccf273552114935dbbaf9e5a2078296b74f3
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/_UtilityStyles_v4.css HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:41 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.alaskausa.org/images/nav/EHL_2016_gray.png
107.162.171.161200 OK 3.3 kB URL HTTP/1.1 www.alaskausa.org/images/nav/EHL_2016_gray.png
IP 107.162.171.161:0
File type PNG image data, 55 x 59, 8-bit colormap, non-interlaced\012- data
Hash 859cf2ed8319f4931c1e2371bee8b46d
ff866fe6e3071999e6c057dae5aed927aefd047f
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
GET /images/nav/EHL_2016_gray.png HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 16 Sep 2022 21:13:46 GMT
Accept-Ranges: bytes
ETag: "90c2243511cad81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:42 GMT
Content-Length: 3317
Via: 1.1 dca1-bit12005
www.alaskausa.org/images/nav/akusafcu_logo.png
107.162.171.161200 OK 16 kB URL HTTP/1.1 www.alaskausa.org/images/nav/akusafcu_logo.png
IP 107.162.171.161:0
File type PNG image data, 220 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash dc43cc5c96d54639189781edf322cac9
26c53d9c975f997481520a336ac5f6a22f115c74
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
GET /images/nav/akusafcu_logo.png HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 16 Sep 2022 21:14:09 GMT
Accept-Ranges: bytes
ETag: "c0f6234311cad81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:42 GMT
Content-Length: 16228
Via: 1.1 dca1-bit12005
www.alaskausa.org/images/images.asp?ref=NCUA_2016_gray.png
107.162.171.161200 OK 4.3 kB URL HTTP/1.1 www.alaskausa.org/images/images.asp?ref=NCUA_2016_gray.png
IP 107.162.171.161:0
File type PNG image data, 146 x 65, 8-bit colormap, non-interlaced\012- data
Hash 38b7240d957be9f71b5271246fb01f67
9007e7baf8e357ac11c8541c871e48960c8d9f30
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
GET /images/images.asp?ref=NCUA_2016_gray.png HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: image/x-png
Expires: Sat, 17 Sep 2022 03:41:43 GMT
Content-Disposition: filename="ncua_2016_gray.png"
Set-Cookie: lst=1415373183; expires=Sat, 17-Sep-2022 03:56:42 GMT; domain=.alaskausa.org; path=/; secure
ASPSESSIONIDSGUCAAQA=APGCJKGCEDOIAGIAABDBCBDL; secure; path=/; HttpOnly
TS01682a2f=01ae8fb027c0cce1c54eb817ce09928dbda71817d95af2950386ae765ccfbcc87e16ad646bd100c8a2b54b816e7c0425f7ee1f475ac22ad5b0d4c71edad9bb3fd06d5cbbaf; Path=/; Secure; HTTPOnly
TS013395ac=01ae8fb027610b5e6cd0e8574cc3085195f59c70a55af2950386ae765ccfbcc87e16ad646bc7d5ff075cca56cb79ab58bddef24fb19757b0432b1283bd67f81100ae0b609d; path=/; domain=.alaskausa.org; HTTPonly; Secure
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Sat, 17 Sep 2022 03:41:42 GMT
Connection: close
Via: 1.1 dca1-bit12005
Transfer-Encoding: chunked
www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/ControlImages/close.png
192.185.223.116301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/ControlImages/close.png
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/ControlImages/close.png HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:42 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/ControlImages/close.png
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
192.185.223.116301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:42 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/ControlImages/close.png
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/trade/alaska/alaskausa/App_Themes/DefaultTheme/ControlImages/close.png
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash c49ff2d95a080dff4aea0722c07dece7
18ff9b3404eb083d3cdb3194f9eca7dbac10a516
b06f478a5a087494b5e749e9fd8f917e82f2ca6c3d7cefc25bd664b87d91e6cc
GET /trade/alaska/alaskausa/App_Themes/DefaultTheme/ControlImages/close.png HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:43 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
192.185.223.116404 Not Found 19 kB URL HTTP/1.1 primegestaoempresarial.com/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 207e83e0448368abe7fc1e0a45c20135
f342b03f1da3607c9bb056e568cc7e0394f26d9c
e60132afb7e4eeba99e9bc44e79db3719a68b224f608fd222182e8cdcea5ded7
GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.primegestaoempresarial.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 03:41:43 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.primegestaoempresarial.com/enroll/ScriptLib/md5.js
192.185.223.116301 Moved Permanently 0 B URL HTTP/1.1 www.primegestaoempresarial.com/enroll/ScriptLib/md5.js
IP 192.185.223.116:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /enroll/ScriptLib/md5.js HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primegestaoempresarial.com/trade/alaska/alaskausa/security.php?cmd=login_submit&id=&session=
Cookie: _gcl_au=1.1.1709326536.1663366148; _ga_R11FYFZ8HF=GS1.1.1663372451.2.0.1663372455.0.0.0; _ga=GA1.2.711320748.1663366148; agfs=74122dd32c8db8d54f418604dff41ce4.96054869&1663372453&1663372453&direct&(none)&&&&&; _gid=GA1.2.1028608061.1663366150; _uetsid=3043d250360c11ed910aa98a5aade302; _uetvid=3043ff60360c11edb35d61369583d29b
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 03:41:44 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://primegestaoempresarial.com/enroll/ScriptLib/md5.js
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8