r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5778
Expires: Fri, 09 Dec 2022 22:37:31 GMT
Date: Fri, 09 Dec 2022 21:01:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14149
Expires: Sat, 10 Dec 2022 00:57:02 GMT
Date: Fri, 09 Dec 2022 21:01:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20978
Expires: Sat, 10 Dec 2022 02:50:51 GMT
Date: Fri, 09 Dec 2022 21:01:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 20:08:20 GMT
content-type: application/json
age: 3173
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ts5VX1euO5z5F7ZEAlOvhrjUCUvnoHogNQi9HmoGB8Z1BVeN/2EPh8EBIkA6xxu+Mb0ZWAxR4lo=
x-amz-request-id: E7TZJ8SERCWX9TM9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 20:50:24 GMT
age: 649
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 21:01:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.youroffice.com.br/
207.38.88.48 301 Moved Permanently 0 B IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 21:01:13 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://www.youroffice.com.br/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 20:33:13 GMT
age: 1681
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5935
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 21:01:14 GMT
Last-Modified: Fri, 09 Dec 2022 19:22:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.160.184.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.184.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QWmYvU6CawXKtDNoelef5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qKTRuq3GzVHe8o0BuaZiFWLx3Xc=
www.youroffice.com.br/
207.38.88.48 200 OK 17 kB IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 4d63e620bfdfe49a1c62d11539bbf905
dcef4d18038a182f7866cc2fc4230ba280191fb4
6792da8427d78990a19093a2e59754119c8f194afc883fbf6fb4433c9314507c
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:14 GMT
Server: Apache
Link: <https://www.youroffice.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 17349
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 21:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youroffice.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
207.38.88.48 200 OK 12 kB URL HTTP/1.1 www.youroffice.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (47826)
Hash 5e3752655a7a33c049db06c0edf386e6
573c51b0de413f30a220c9261506635f9daf2b81
d6571c641370e9bb83b25b5a493fca6ae3109ae384f7a8a9507ccdfb9067627d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 07:25:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 11590
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 21:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/custom/prismjs/prismjs.bundle.css?ver=210114
207.38.88.48 200 OK 798 B URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/custom/prismjs/prismjs.bundle.css?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 0291b9e392e3891fc40e96ace3545356
758248864042debcb9ea78ae61b49914aa037b59
cb0c82205211e884ad6242f675f7bb1c7b8b0e2e551c289ab6dcd32661997605
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/metronic/plugins/custom/prismjs/prismjs.bundle.css?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 15:09:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 798
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.youroffice.com.br/wp-includes/css/classic-themes.min.css?ver=1
207.38.88.48 200 OK 145 B URL HTTP/1.1 www.youroffice.com.br/wp-includes/css/classic-themes.min.css?ver=1
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 2dfb9ddeabe846b150087876ceb22a74
c9e3350631e53855d04d6dce360a675c84b3131d
26ef5cb63a695419cf11c79a759b46c5568df3716e4f1d36e7612b3695d5b554
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:53:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 145
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/carrocel/assets/owl.carousel.min.css?ver=210114
207.38.88.48 200 OK 916 B URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/carrocel/assets/owl.carousel.min.css?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3184)
Hash 39f5857d9c72a0894b97be12ebf1f98f
9ae794900fa4a78a6f9f4ada1e2df7ceb972d8b5
9249dbf20297e42328a9759db063f678c3fb71355a6e78edd8acddccf2d69ed6
GET /wp-content/themes/youroffice2021/dependencias/carrocel/assets/owl.carousel.min.css?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 916
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.youroffice.com.br/wp-content/plugins/formcraft3/dist/form.css?ver=3.8.25
207.38.88.48 200 OK 8.3 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/plugins/formcraft3/dist/form.css?ver=3.8.25
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (64566), with no line terminators
Hash 34b26b40798ed1d5b4727332e4b61e91
c7cd869d19912de938c2d7186c4f97e787d5433e
490b1c0b16de205183865523e5122452acb27d1024305605b0c304bb80071a37
GET /wp-content/plugins/formcraft3/dist/form.css?ver=3.8.25 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Tue, 26 Oct 2021 15:20:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 8306
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.youroffice.com.br/wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.8.25
207.38.88.48 200 OK 5.4 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.8.25
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (28249), with no line terminators
Hash 1254bd6f5cc8ee891ac60d2a9f0b523e
8dbbbf1735657b03be6a4cfc43368457de67d350
1d9825fecad01f0172b615e02b1bd5fe2f70660ccc875f2011584fafd414c34d
GET /wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.8.25 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Tue, 26 Oct 2021 15:20:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 5380
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/css/main.css?ver=210114
207.38.88.48 200 OK 392 B URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/css/main.css?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 6523db2dc047b54eef4f0fb5f08b5dc6
dd1044e6342007e48777a101095ded786a05866b
1f8c5b19a806539c7ae881b9567e82d1a0f5d766fd3943bdd1b97447d661498b
GET /wp-content/themes/youroffice2021/dependencias/css/main.css?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 01:29:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 392
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/css/carrocel.css?ver=210114
207.38.88.48 200 OK 473 B URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/css/carrocel.css?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 2357a253f19dd14b771ba789dcd0d9e5
61884fae8721713bc75f818e7a74048f443f4a50
3e8b5d0e5c20dd3f1267a7aa2e3acc9dba48f0d176367bf0691383f5cfe3414d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/css/carrocel.css?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 473
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.youroffice.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
207.38.88.48 200 OK 4.0 kB URL HTTP/1.1 www.youroffice.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 1fbb59519536e28eeb7ae7173973c39f
f6542c5d0f96f621eea4f3cb442021dfe33863fa
b1b54befd52c3605721bf8b5a6c0290c572929138358738826873751256b191c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 3998
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.youroffice.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
207.38.88.48 200 OK 30 kB URL HTTP/1.1 www.youroffice.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash fb1aea2f7ce09f9d2e290d73d57defdf
62d40e64c8aeff20834868816d20d6a645fd2565
367cc15d582c7056695a307c1ef9b32a9e4810c16e33f27eac05909a1f57d4b4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:53:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 30350
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/plugins.bundle.css?ver=210114
207.38.88.48 200 OK 65 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/plugins.bundle.css?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (818)
Hash 7e5033f38371a9795defa94b30517667
b90675ec20473b2a199e63471ac0412ef59ffaa0
23275e01e0254fe4d23f36b33695d02417f204aebd7bb72897e4f50c2a799489
GET /wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/plugins.bundle.css?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 15:11:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/custom/prismjs/prismjs.bundle.js?ver=210114
207.38.88.48 200 OK 16 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/custom/prismjs/prismjs.bundle.js?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document, Unicode text, UTF-8 text, with very long lines (506)
Hash 0d3a68535b1ba4ffeefebefd48b47734
9edbc11d976727224f7437e62e6e44da1359421d
6b54742a4545e9979b9b762f0ab1a4c972214066aaed1a8a0fc6fc6413e89b9b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/metronic/plugins/custom/prismjs/prismjs.bundle.js?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 15:09:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 16343
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/css/style.bundle.css?ver=210114
207.38.88.48 200 OK 142 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/css/style.bundle.css?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (624)
Size 142 kB (141788 bytes)
Hash 5c771a770b989d2c6bc33100c5a030eb
72d687f5a9dd24425e31f5c0a47d47ba5a8e669a
68cd4c1f452c19a1f2b8b10e42b4553b3c22662edef7099221c3eba91df03c1f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/metronic/css/style.bundle.css?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/carrocel/owl.carousel.min.js?ver=210114
207.38.88.48 200 OK 11 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/carrocel/owl.carousel.min.js?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (31997)
Hash 68105841996efd4632b5ebdaa6d69d14
cfeefd0f79027da5105c3ae7eb746950e445584b
549918125b0815475e0bd06e73b64347fd51b7959ae07010d9a4e11a563e1449
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/carrocel/owl.carousel.min.js?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 11161
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/js/funcoes.js?ver=210114
207.38.88.48 200 OK 1.1 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/js/funcoes.js?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash ba19c6b480d148677703df0dad66e5a5
096f96875603b5ff6390e666ed66379bad280bcf
b7b9cd9d3e9bf8a780d38c95cddd34b92d0b5c0b79381f46a3b5cf02aa3f1aaa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/js/funcoes.js?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 01 Nov 2021 23:18:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 1064
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/js/main.js?ver=210114
207.38.88.48 200 OK 755 B URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/js/main.js?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 8a362367dbb922e70f309960c65c4cc4
f39a726c358693652eb916aff916b4e1a51fba30
1b70394637e9a1ed0c32c025915ab482561034e76056afd3b811e501d3941a23
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/js/main.js?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2021 00:02:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 755
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.youroffice.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
207.38.88.48 200 OK 4.6 kB URL HTTP/1.1 www.youroffice.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15660)
Hash a0083d25b89ea80ecd2393db9f865d62
24eaf2df7c722fb13f2b5bf77ada5ee446720c25
f7533cb93f2efbb9e3bccfa9ff4036a2cafa7dd1bd4d66bea4833306b321e957
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 4614
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.youroffice.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9
207.38.88.48 200 OK 12 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash ee5a6bec0879d3e1338b5ded8ab0ccfc
cc79d4359c867b840d273e57efa5f98dcef2f734
6f82735e52bee5d71a1aa3c2e39e7b9a8412db8f4d96da2da3a6186eeba92c07
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:57:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 11763
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13730
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 21:01:16 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13730
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 21:01:16 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13730
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 21:01:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 83392
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 49637
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:33:36 GMT
age: 30460
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/js/scripts.bundle.js?v=7.0.6&ver=210114
207.38.88.48 200 OK 56 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/js/scripts.bundle.js?v=7.0.6&ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 2375ff84c39328773a3d99b532b55b6e
9dd1cb0c0f48271915e06c6511ed1efdfa8892bf
0565998b798ff212cf4316c50be6788f2774381d8afa372a1feb9ea500d46e08
GET /wp-content/themes/youroffice2021/dependencias/metronic/js/scripts.bundle.js?v=7.0.6&ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 15:00:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 55899
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Roboto:400%7CBarlow:700&display=swap
142.250.74.106 200 OK 8.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400%7CBarlow:700&display=swap
IP 142.250.74.106:0
Hash 1497f4d52eb7da4e98cf3cd17c57ba3a
4fcac5a9c823f8e0ee354e15e1733c9a6b34dc5f
aa202394966bc4e8a178a1ddf0ed885bee090a1aa93e31e2955c54e141a10677
GET /css?family=Roboto:400%7CBarlow:700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 21:01:15 GMT
date: Fri, 09 Dec 2022 21:01:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 49681
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 58501
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&ver=6.1.1
142.250.74.106 200 OK 46 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&ver=6.1.1
IP 142.250.74.106:0
Hash a86191b9d70cd1d2b7e303c0e93ca939
a31d7dbea975c7dd4d2e3d9e40d292653bcd2dd0
5ac77c7ff7a3c0d76755fcf3664db6611076fb4ce071b32bd06acc3450e18478
GET /css?family=Poppins%3A300%2C400%2C500%2C600%2C700&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 21:01:15 GMT
date: Fri, 09 Dec 2022 21:01:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youroffice.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9
207.38.88.48 200 OK 93 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (64288)
Hash 339928a50bfd4ae2c7e588b19404ba34
a6ca482fa85434addd16bcda08191e20280e0728
7b8a5c7225b418594559d046c068bf0529c8f02a4e19abff9dbef02707de884d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:57:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 93395
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/plugins.bundle.js?ver=210114
207.38.88.48 200 OK 915 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/plugins.bundle.js?ver=210114
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Size 915 kB (915037 bytes)
Hash 9f444a5102b0cf2ec93bde7fbb5f8474
17f671e34eed191b76871b2ed223cc3663627b2a
03dc6105d4d4d55e1c30c8726478f1bbf28c7eb02fd576bcade12ee8d107d529
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/plugins.bundle.js?ver=210114 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:15 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 15:11:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.youroffice.com.br/wp-content/uploads/2021/10/duvidas-de-empreendedores-384x278.jpg
207.38.88.48 200 OK 24 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/duvidas-de-empreendedores-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 384x278, components 3\012- data
Hash d239d39826093540c4cdf799757f8661
8d3fdb96c17cd56e979565a6ec18e6a51f2cfd01
c986e053a36dd3dd6731a4150b395e6791380aaca50ffc52ff109ea476a9c041
GET /wp-content/uploads/2021/10/duvidas-de-empreendedores-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:44:01 GMT
Accept-Ranges: bytes
Content-Length: 23891
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2022/01/seguro_cyber_youroffice_site-384x278.jpg
207.38.88.48 200 OK 38 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2022/01/seguro_cyber_youroffice_site-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [\012- TIFF image data, big-endian, direntries=3, software=Adobe Photoshop CS6 (Windows)], baseline, precision 8, 384x278, components 3\012- data
Hash 6527a07c01d5a596830c3727ffe92f8e
60f2b44947500495f9b7b6ca1982ef32d0a2b1e5
63ff9fb1df453c39e93096f3b0c77d82e4f05acc89eddd8d05d084613c3aa1d0
GET /wp-content/uploads/2022/01/seguro_cyber_youroffice_site-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 16:09:47 GMT
Accept-Ranges: bytes
Content-Length: 37964
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2022/03/vantagens_escritorio_virtual-384x278.jpg
207.38.88.48 200 OK 28 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2022/03/vantagens_escritorio_virtual-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 384x278, components 3\012- data
Hash 260d109883cf5faa12fa96115f531440
371d91a1886c26e1bdef1766e8e91d991b519ecd
0e51169bccdfcc3f9cebf40a4455a5c9cc395f4e1377806146c3b781ea17205f
GET /wp-content/uploads/2022/03/vantagens_escritorio_virtual-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Thu, 17 Mar 2022 12:45:18 GMT
Accept-Ranges: bytes
Content-Length: 28114
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2021/10/home-office-e-seus-efeitos-384x278.jpg
207.38.88.48 200 OK 22 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/home-office-e-seus-efeitos-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 384x278, components 3\012- data
Hash acb79bda406e6a7174c211fd6c0ee7df
1441a8aa51abb0914898809c84efc809180177ad
47108af756c6d59eb2616f3fda02633a2abcf1c493cdc0c3ca4ba2f20d96d7ee
GET /wp-content/uploads/2021/10/home-office-e-seus-efeitos-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:44:01 GMT
Accept-Ranges: bytes
Content-Length: 22245
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2021/10/dica-de-leitura-para-empreendedores-384x278.jpg
207.38.88.48 200 OK 36 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/dica-de-leitura-para-empreendedores-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 384x278, components 3\012- data
Hash ed4775fd89f5c9582cc9cab03e07c801
5985d5ea568bd5be17c111bb7c9709e48cd60286
e57a7359bef314aa7b7a07658abc3254025092d8aadd23e1bf75c59425f64b31
GET /wp-content/uploads/2021/10/dica-de-leitura-para-empreendedores-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:43:48 GMT
Accept-Ranges: bytes
Content-Length: 35867
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2021/10/coworking-advogados-384x278.jpg
207.38.88.48 200 OK 32 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/coworking-advogados-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=15, height=3840, bps=194, PhotometricIntepretation=RGB, description=Portrait of modern bearded businessman working in office using laptop and reviewing documentation, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=5760], baseline, precision 8, 384x278, components 3\012- data
Hash bc9a2948ba50f208272a8efdf7668d03
bff3e076ff7531ab9025a95db24ab5977f297ee6
2dfc76ae54e32e800701b10136f2494072435ee2f0874bba0865527aeef89354
GET /wp-content/uploads/2021/10/coworking-advogados-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:44:01 GMT
Accept-Ranges: bytes
Content-Length: 32219
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2021/10/voce-conhece-as-vantagens-e-beneficios-em-ter-um-escritorio-virtual-384x278.png
207.38.88.48 200 OK 46 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/voce-conhece-as-vantagens-e-beneficios-em-ter-um-escritorio-virtual-384x278.png
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 384 x 278, 8-bit/color RGBA, non-interlaced\012- data
Hash 99e9388246994d7cb76a0d7068fee1ec
a1ee2dbc75e2a96fbbd23de5929be394f5a5296c
e28e7392228ff38d57b308d07d2cb0c3a367b0d6d74724d361376015e24feb50
GET /wp-content/uploads/2021/10/voce-conhece-as-vantagens-e-beneficios-em-ter-um-escritorio-virtual-384x278.png HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:44:05 GMT
Accept-Ranges: bytes
Content-Length: 46402
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.youroffice.com.br/wp-content/uploads/2021/10/aproveite-as-areas-de-conveniencia-dos-escritorios-compartilhados-384x278.jpg
207.38.88.48 200 OK 28 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/aproveite-as-areas-de-conveniencia-dos-escritorios-compartilhados-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 384x278, components 3\012- data
Hash 9c688d8bfed975c74d1283d01feb04a8
0b8c0330c1484eb91d5e99ff8b1290da9bfcc643
437fce894485e363122a71025c601b63f4ce0f5c29985f1b1012cf05fb1fd0a4
GET /wp-content/uploads/2021/10/aproveite-as-areas-de-conveniencia-dos-escritorios-compartilhados-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:44:03 GMT
Accept-Ranges: bytes
Content-Length: 27914
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2020/09/home-office-coworking-conheca-os-beneficios-384x278.jpg
207.38.88.48 200 OK 42 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2020/09/home-office-coworking-conheca-os-beneficios-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 384x278, components 3\012- data
Hash f1aafcb9b771a2c98eaf2454bad42b9e
cd0cec15630f9e723737318c7f677222e8ed323a
1464b4d9b5b6ddc06ba8ccd83dbbbd19c2526a04c2d87fbf3d39990addf302d0
GET /wp-content/uploads/2020/09/home-office-coworking-conheca-os-beneficios-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:44:03 GMT
Accept-Ranges: bytes
Content-Length: 41694
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2021/10/pandemia-muda-rotina-dos-escritorios-384x278.jpg
207.38.88.48 200 OK 19 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/pandemia-muda-rotina-dos-escritorios-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 384x278, components 3\012- data
Hash 5745c10cd7dad0bd6d106accf9147d67
96abd2104f0c0d63dde028571fa4b702d4cdd02a
31be60b3d568a0d010f20f009ff5138c2b8fb483f86c10ebb7e88295bc2754e3
GET /wp-content/uploads/2021/10/pandemia-muda-rotina-dos-escritorios-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:44:03 GMT
Accept-Ranges: bytes
Content-Length: 18988
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2021/10/logo-youroffice-1.png
207.38.88.48 200 OK 20 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/logo-youroffice-1.png
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 820 x 218, 8-bit/color RGBA, non-interlaced\012- data
Hash f3ab3333e7aaadc6b8b24f3ceb91b757
c0e7c42c773bb09e8563e08098b6575eb149fd66
888f856878961d778f297a216eef757da2e34210e19956da29319641ea1dbf7c
GET /wp-content/uploads/2021/10/logo-youroffice-1.png HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 16:35:16 GMT
Accept-Ranges: bytes
Content-Length: 19475
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/detalhe1.png
207.38.88.48 200 OK 41 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/detalhe1.png
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 1280 x 681, 8-bit colormap, non-interlaced\012- data
Hash 8570e615dbd3e686bacc8e51c82d9ebf
bcb9969240699c9c632afa5bb75cd812493909d2
b0df84b05850a4322dbdccacb8121c2790d303febbc42e36f27984637d58b881
GET /wp-content/themes/youroffice2021/dependencias/imagens/detalhe1.png HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:24 GMT
Accept-Ranges: bytes
Content-Length: 40693
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.youroffice.com.br/wp-content/uploads/2021/10/o-futuro-nos-reserva-um-novo-normal-384x278.jpg
207.38.88.48 200 OK 45 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/o-futuro-nos-reserva-um-novo-normal-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=19, height=3840, bps=242, PhotometricIntepretation=RGB, description=Businesswoman speaking on the phone and browsing online, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=5760], baseline, precision 8, 384x278, components 3\012- data
Hash f287c58c8506a71adf3173e165940271
790c2e2875fc50c9501e0c11fa0244ca9666dc31
63d39e805749b8a2b07d845e673b2223e248d5561909f745c9ff80055205aaef
GET /wp-content/uploads/2021/10/o-futuro-nos-reserva-um-novo-normal-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:43:55 GMT
Accept-Ranges: bytes
Content-Length: 45434
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2021/10/coworking-home-office-384x278.jpg
207.38.88.48 200 OK 43 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2021/10/coworking-home-office-384x278.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=417, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=626], baseline, precision 8, 384x278, components 3\012- data
Hash 8d72d79b0cadedf280d3ee15b7b8e2fc
6d05440f57510dcb889f4a612b6e1d6aab88a648
b3698990acca9859f021baeaff0004987c97c5f8a2dbbf25d45e01ce327a85fd
GET /wp-content/uploads/2021/10/coworking-home-office-384x278.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:16 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:43:50 GMT
Accept-Ranges: bytes
Content-Length: 43384
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-2.jpg
207.38.88.48 200 OK 24 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-2.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 610x400, components 3\012- data
Hash b6e7a576bddc7366dd79cb8df8dfc6d1
9476ba691d4bdf3092f4108c21fd4cd3ae67b80f
fdbca159f16b3abf0924abc7654a81f5f28a156e77b063d4cccf490c43fd3c2c
GET /wp-content/themes/youroffice2021/dependencias/imagens/d-2.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:22 GMT
Accept-Ranges: bytes
Content-Length: 24527
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/plugins/revslider/public/assets/assets/dummy.png
207.38.88.48 200 OK 68 B URL HTTP/1.1 www.youroffice.com.br/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:51:14 GMT
Accept-Ranges: bytes
Content-Length: 68
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-1.jpg
207.38.88.48 200 OK 16 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-1.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 610x400, components 3\012- data
Hash 257c0248682c50da534780dda67babff
4ebc06772cb650f19b0cd3d8092833ec9e1b8ec0
e36d08bfec8a5e5f964f942f4c43a261c3bdbc98118fa5078e8845ad299b627f
GET /wp-content/themes/youroffice2021/dependencias/imagens/d-1.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:22 GMT
Accept-Ranges: bytes
Content-Length: 15849
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-6.jpg
207.38.88.48 200 OK 34 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-6.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 610x400, components 3\012- data
Hash 036b2e7c6bb25e79eaf56ab3bf38d447
7ec0c762d86f70fb4f577d1e1d72ea8e8115d79c
a0605a4e82da437cbedafb69a8c5b7fdb18dda940bb75bfadec4c35a8a1f2a28
GET /wp-content/themes/youroffice2021/dependencias/imagens/d-6.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:24 GMT
Accept-Ranges: bytes
Content-Length: 33993
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-4.jpg
207.38.88.48 200 OK 34 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-4.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 610x400, components 3\012- data
Hash 71dd111e2875d8fa435165841c74bd5c
86c46006be3538f9e0040262d4fa1df4106dd8c0
cd1cc9f7686a4f4c183064865e9c3e6508be4a480c6de6a7a987a795f49a8731
GET /wp-content/themes/youroffice2021/dependencias/imagens/d-4.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:23 GMT
Accept-Ranges: bytes
Content-Length: 34318
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2022/04/payuse.jpg
207.38.88.48 200 OK 48 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2022/04/payuse.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 610x400, components 3\012- data
Hash 09da39782dbd3c2cd62b6a4523c4e81b
c24787e904d0fb3b92f1a08ae1f4d4bae96b6db2
bf32bf9f46b78ff061d3b3bb3cb551294ac9adc5b7196c87ccd4023d54823c05
GET /wp-content/uploads/2022/04/payuse.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Fri, 08 Apr 2022 04:33:50 GMT
Accept-Ranges: bytes
Content-Length: 48500
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-3.jpg
207.38.88.48 200 OK 27 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/d-3.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 610x400, components 3\012- data
Hash c086af4e1ee5b6f2d38df48863aad8dd
0f395fd00e3ca559f48428d4f8ed3f231ff7e422
475531e559c1fdd49f3d565ab21fa9edb4b81cf53b123b9e9269f365ba6441af
GET /wp-content/themes/youroffice2021/dependencias/imagens/d-3.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:22 GMT
Accept-Ranges: bytes
Content-Length: 26586
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2022/04/lapa.jpg
207.38.88.48 200 OK 34 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2022/04/lapa.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x318, components 3\012- data
Hash 3f0cac599fcc4aed246b78b3467e902d
b56a57aeebc5f73ebf490c5456c85853e0bde360
e748525c4fd8395fea2025a5c60199f7028e323304c71afdd0ae522aa2b07a00
GET /wp-content/uploads/2022/04/lapa.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Fri, 08 Apr 2022 13:25:51 GMT
Accept-Ranges: bytes
Content-Length: 34549
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 21:01:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 21:01:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/uni-antares.jpg
207.38.88.48 200 OK 65 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/uni-antares.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x318, components 3\012- data
Hash 13b9fd960428c8e74037eaf1f68421bd
ff7379058feac12ad8471279ac078e56a23c4677
4dee4b26d683d3606f004258c3ef2d11b4dd2d76842865b2b5fee855ac1e23f0
GET /wp-content/themes/youroffice2021/dependencias/imagens/uni-antares.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:27 GMT
Accept-Ranges: bytes
Content-Length: 64864
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/uni-personal.jpg
207.38.88.48 200 OK 73 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/uni-personal.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x318, components 3\012- data
Hash e03feac172ecad67dd263dd4e1aff68f
1007469be180413655a690afc0164bcf34a62b35
68c0e3547a9ee183eab1164178f0c1c533f72a092ed520edd6bb6601c24a4982
GET /wp-content/themes/youroffice2021/dependencias/imagens/uni-personal.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:29 GMT
Accept-Ranges: bytes
Content-Length: 72635
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.35 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youroffice.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:28:50 GMT
expires: Thu, 07 Dec 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 178347
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.35 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youroffice.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 26886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
142.250.74.35 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youroffice.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:09:28 GMT
expires: Thu, 07 Dec 2023 20:09:28 GMT
cache-control: public, max-age=31536000
age: 175909
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youroffice.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:13 GMT
expires: Sat, 09 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
age: 26884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.35 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youroffice.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
age: 26886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
142.250.74.35 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21724, version 1.0\012- data
Hash c3609c36a150ce088ea4dcab92b7c00b
0c18236a183e962533a4f61bff3ae2581313561a
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youroffice.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:53:52 GMT
expires: Sat, 09 Dec 2023 06:53:52 GMT
cache-control: public, max-age=31536000
age: 50845
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 21:01:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/uni-matriz.jpg
207.38.88.48 200 OK 63 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/uni-matriz.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x318, components 3\012- data
Hash fdd32629a24f58a43df4c8394f99346c
6a84683e7bac879d67e04cf2500d605118e0926d
d28daf83d68f323063a14fc7d8426ba7ed24f31392acad529c82b7799f5c7eac
GET /wp-content/themes/youroffice2021/dependencias/imagens/uni-matriz.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:29 GMT
Accept-Ranges: bytes
Content-Length: 62583
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/img-end.jpg
207.38.88.48 200 OK 37 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/img-end.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x491, components 3\012- data
Hash 4c2df3d72543c1a7ab0b6b6063136f9d
2aa2944df3a42ff4b0b92b501fbecefe8ab95d5a
5a13eb0f709555365e14900ac9ce6a193fc57e5e22c039c39934dc0ca23a3da6
GET /wp-content/themes/youroffice2021/dependencias/imagens/img-end.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:26 GMT
Accept-Ranges: bytes
Content-Length: 36598
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/img-trabalhe.jpg
207.38.88.48 200 OK 44 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/img-trabalhe.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x491, components 3\012- data
Hash 798cd93e9e47165ca4b41ea1bfc5bb15
fdd075f57999aaf884fde63337e000a913298c4c
a1508e8adeb551e2ccb7afacdb341dc24072c13e8801348f3eac3eeb69d036bc
GET /wp-content/themes/youroffice2021/dependencias/imagens/img-trabalhe.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:26 GMT
Accept-Ranges: bytes
Content-Length: 44289
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/img-cafe.jpg
207.38.88.48 200 OK 39 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/img-cafe.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x491, components 3\012- data
Hash e202d0b3dd759a715d81db9cc4c380a4
5f026a5e38fe781f4cbd56ad327b93ca6e4d3c48
6f290f8524d77d27b1137a93617b458cabd3d2e32bac8761eb8f8c646e9f27ea
GET /wp-content/themes/youroffice2021/dependencias/imagens/img-cafe.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:25 GMT
Accept-Ranges: bytes
Content-Length: 38657
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/fonts/flaticon2/Flaticon2.woff
207.38.88.48 200 OK 30 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/fonts/flaticon2/Flaticon2.woff
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 29816, version 0.0\012- data
Hash b242ac810bd8cccaa03abc2128b7c3c3
1f935e2e99508c1fea1d11e8b03aa7dd8846f398
392a0bf6f202ef34d73291c8ee887de1a7c3daf753e640d86212459214f46834
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/fonts/flaticon2/Flaticon2.woff HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/plugins.bundle.css?ver=210114
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 15:10:44 GMT
Accept-Ranges: bytes
Content-Length: 29816
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/bg-cliente.jpg
207.38.88.48 200 OK 39 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/bg-cliente.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x600, components 3\012- data
Hash 52558a3886c4d37d71a0aed7dec4cee1
1405904fb122c8659cc3013b8f3f824aa41bc5b6
e4672d01aa5550fd3d6d15a8cc69e821ac774ba13ffa5b9fb6e1a99281f1c336
GET /wp-content/themes/youroffice2021/dependencias/imagens/bg-cliente.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:21 GMT
Accept-Ranges: bytes
Content-Length: 38663
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/fonts/socicon/socicon.woff
207.38.88.48 200 OK 39 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/fonts/socicon/socicon.woff
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Web Open Font Format, CFF, length 38700, version 1.0\012- data
Hash 944f06f5f65ef84a3a36e6c1c2d4b7ad
28a5937ba6c82ce39b1d581f42a23ce8eec6cc6c
165def3c7a5c82e6cd701ad9039f39b537e6e2e748948a4c54d70ed47d0d27f3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/fonts/socicon/socicon.woff HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/plugins.bundle.css?ver=210114
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 15:10:57 GMT
Accept-Ranges: bytes
Content-Length: 38700
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/img-comuns.jpg
207.38.88.48 200 OK 76 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/img-comuns.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x491, components 3\012- data
Hash 6d075ef69d00ef597a5c2efc1a57e560
4d6a659503bfcfacc991e0fa743b60a1891272ef
4d064b02e330efa39b36dbef467d3ce8bda69bb2ac6008d4f4891520f5247199
GET /wp-content/themes/youroffice2021/dependencias/imagens/img-comuns.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:25 GMT
Accept-Ranges: bytes
Content-Length: 75857
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/bg-reuniao.jpg
207.38.88.48 200 OK 28 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/bg-reuniao.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3\012- data
Hash 105adf0afff4057a7908c6b860ed5eb0
316aaa7551e453fc5d18ab819696ae3712f83714
ac3b43d12cdfec9a72cc0eb0dd2f13ae2e7e85279351d1337c4fd1573c373c67
GET /wp-content/themes/youroffice2021/dependencias/imagens/bg-reuniao.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 14:59:21 GMT
Accept-Ranges: bytes
Content-Length: 28403
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/fonts/@fortawesome/fa-solid-900.woff2
207.38.88.48 200 OK 78 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/fonts/@fortawesome/fa-solid-900.woff2
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/fonts/@fortawesome/fa-solid-900.woff2 HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/metronic/plugins/global/plugins.bundle.css?ver=210114
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 15:10:40 GMT
Accept-Ranges: bytes
Content-Length: 78196
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff2
www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/ico.ico
207.38.88.48 200 OK 12 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/themes/youroffice2021/dependencias/imagens/ico.ico
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type MS Windows icon resource - 1 icon, -122x-122, 32 bits/pixel\012- data
Hash 63c2bda541f6c275942f076da59714e0
1629c7d676886b9b9c8515102c5ffc9e3db063ee
94d1abd05b7b2142d434df43b5397f505cfa36ee7d6d67c1cde1feec8fbb269d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/youroffice2021/dependencias/imagens/ico.ico HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:17 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 00:52:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 12367
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/x-icon
www.youroffice.com.br//wp-content/uploads/2021/10/62a12e5f-ef35-46ee-8b4f-28055dd0fbaa.jpg
207.38.88.48 200 OK 261 kB URL HTTP/1.1 www.youroffice.com.br//wp-content/uploads/2021/10/62a12e5f-ef35-46ee-8b4f-28055dd0fbaa.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size 261 kB (260949 bytes)
Hash 38f3904b351c7ba72273d4c653724fd9
c6e33d61b6ceb0eafc6517c4f052e5aa7ff1a6e8
f7110e26d02fe1b9c2e22de87f0cabe8c3b42f27cc92442106825549281dfabc
GET //wp-content/uploads/2021/10/62a12e5f-ef35-46ee-8b4f-28055dd0fbaa.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:18 GMT
Server: Apache
Last-Modified: Fri, 29 Oct 2021 13:58:13 GMT
Accept-Ranges: bytes
Content-Length: 260949
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
www.youroffice.com.br/wp-content/uploads/2022/01/Sala-Coworking.jpg
207.38.88.48 200 OK 46 kB URL HTTP/1.1 www.youroffice.com.br/wp-content/uploads/2022/01/Sala-Coworking.jpg
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1040x584, components 3\012- data
Hash 55cc7fa4992c8f1d68d6ec870f274231
0b59e1ab5071e9dfa34e79b2b8dd62831de62b8c
0792a05e0d62537095b0af6c8a70ae4e4c3edf59442ab75feaa72b84de653da7
GET /wp-content/uploads/2022/01/Sala-Coworking.jpg HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:18 GMT
Server: Apache
Last-Modified: Tue, 04 Jan 2022 14:33:53 GMT
Accept-Ranges: bytes
Content-Length: 46153
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
d335luupugsy2.cloudfront.net/js/loader-scripts/9a0f4e5d-7931-45de-89be-e752e55c407e-loader.js
54.230.245.22 200 OK 13 B URL HTTP/2 d335luupugsy2.cloudfront.net/js/loader-scripts/9a0f4e5d-7931-45de-89be-e752e55c407e-loader.js
IP 54.230.245.22:0
File type ASCII text, with no line terminators
Hash 8e742d11d6b24c401e35f3b516726584
89b72153bd7e6390415ba25b9b5fbe750e6e16d5
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40
GET /js/loader-scripts/9a0f4e5d-7931-45de-89be-e752e55c407e-loader.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 13
date: Fri, 09 Dec 2022 21:01:19 GMT
last-modified: Tue, 28 Jun 2022 13:10:22 GMT
etag: "8e742d11d6b24c401e35f3b516726584"
cache-control: no-cache
x-amz-version-id: busOobIjHCe7t0oBoUEc3tombQqKQaV8
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kHwtOsbWV8j9qcjFlZIRD-WE3XDTNdK1jSmG0xVcpHNMgwjGtAE9rQ==
X-Firefox-Spdy: h2
www.youroffice.com.br/page/2/
207.38.88.48 200 OK 17 kB URL HTTP/1.1 www.youroffice.com.br/page/2/
IP 207.38.88.48:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 8d354b7641ff41c25bda2737b4c0dd9b
06fbb9bdf4d85bfd665de5a39039754dbb7a3ec3
836082bd18950234858d56ea659cc1dd525b313b594b92f8ae9904d24de95ea4
Analyzer Verdict Alert fortinet Malware
GET /page/2/ HTTP/1.1
Host: www.youroffice.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.youroffice.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 21:01:18 GMT
Server: Apache
Link: <https://www.youroffice.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 17358
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uoulSfEOLxBRCmwK55huNOYSqpyZMFiibwTjm-HqOf67vsf-3o5jtg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 13:33:54 GMT
age: 85181
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2