r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12422
Expires: Sat, 19 Nov 2022 01:20:13 GMT
Date: Fri, 18 Nov 2022 21:53:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2518
Cache-Control: max-age=134394
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:11 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 11:13:05 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10914
Expires: Sat, 19 Nov 2022 00:55:05 GMT
Date: Fri, 18 Nov 2022 21:53:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 21:44:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 501
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: l5C3P1m/6nyBR60EocIgyRb43HV7OM3eSWQzwfmSg+DetUrt+9gTGeSxLa9vfg87Hy5H3LfmKJs=
x-amz-request-id: XTTVP2RZQ1HFHJ1R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 21:53:05 GMT
age: 6
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 21:53:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
htech.eti.br/
108.167.132.218 301 Moved Permanently 0 B IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 21:53:11 GMT
Server: Apache
X-Redirect-By: WordPress
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://htech.eti.br/
Cache-Control: max-age=0
Expires: Fri, 18 Nov 2022 21:53:11 GMT
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 21:25:01 GMT
cache-control: public,max-age=3600
age: 1690
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1861
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:12 GMT
Last-Modified: Fri, 18 Nov 2022 21:22:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7191162ca46bccf84e936cda37201042
57066ce3881fd544f216ca1b855700adc596db44
ef64841aaeb904be82c7e6505689f0c62d7b666cacb5892c796cf94353445ad4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF64841AAEB904BE82C7E6505689F0C62D7B666CACB5892C796CF94353445AD4"
Last-Modified: Wed, 16 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 19 Nov 2022 03:53:12 GMT
Date: Fri, 18 Nov 2022 21:53:12 GMT
Connection: keep-alive
htech.eti.br/
108.167.132.218 200 OK 19 kB IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash cfb5574cf0fcf54c482ec9f98c1516e5
55e283b96772e69f37934bb5f37f79ff15a46e3c
998025454976ec8107d2ea856468a5c708416219de1ff9b82959d393bea3da95
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Fri, 18 Nov 2022 17:48:53 GMT
accept-ranges: bytes
content-length: 19060
cache-control: max-age=0
expires: Fri, 18 Nov 2022 21:53:12 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.74.230 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6g2rk8gN0qANIWLi7l1mzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qlJmK//BFD1sNrdJUmTd+4dK0x0=
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-animation.css?ver=1668434009
108.167.132.218 200 OK 363 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-animation.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1776), with no line terminators
Hash 6112ffcec63dc00202913cb067d80730
2b9a00fddc6cb985eaadc4fce8d8b37e3ea32529
17a3934cd3be00a8fefa9cec90552f44daacca9ea9c94ea6cdc2894d86243aa6
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-animation.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 363
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/revealer.css?ver=1668434009
108.167.132.218 200 OK 124 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/revealer.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 2b893fd5dec2762e7cea605513c014aa
c9febf8b375edc950e017eaffeb5159783d9cae1
df9ef7916f9c944bc01a37e37dedf8be410f470bc4dd27780a883d6a0c278fe3
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/revealer.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 124
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/decolines.css?ver=1668434009
108.167.132.218 200 OK 126 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/decolines.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash d8534863c3da3f16ff5d836e9b4694e2
0156165ad59b487a5571500a78bc8f7b6711f9f0
9f828c5fe13c1fa929f9a690c62497073e1062eeccdac2abf88f9049452ab0a4
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/decolines.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 126
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-curtain-animation.css?ver=2.0.2
108.167.132.218 200 OK 546 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-curtain-animation.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d388b47d78bb8f5b3e211de2bc8dda67
88a19a212fff4ae7d504341e881e5a3722604ed0
8237a3396e1798b000b4cf59c6ea3397d52fd35267da7830cb65e961d5e06931
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-curtain-animation.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 546
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/normalize.css?ver=1668434009
108.167.132.218 200 OK 803 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/normalize.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1693), with no line terminators
Hash 615412c414aa549d71ee5413500994fc
735f548361ac43297efbda8dfa23321cb6e16304
b5c6e4c55523fd7b8d34ee16393cea9bf73833bc6637e9f07b1c57287526923e
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/normalize.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 803
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/lettereffect.css?ver=1668434009
108.167.132.218 200 OK 127 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/lettereffect.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 18517fca6f8e33ea5c560c612db01036
f9435d96083d11985121ee216da3deb7b922d0ab
65f377033f756ad3ba5579b5309381c808d5af3480ead158268487369778bcda
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/lettereffect.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 127
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/sina-morphing.min.css?ver=2.0.2
108.167.132.218 200 OK 250 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/sina-morphing.min.css?ver=2.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (587), with no line terminators
Hash f73b4aff6d24cc986af333cfea803f30
c286b355867586e3ae355d805be49d340c7bcf3f
5116b92eabdef2dd9f3b8d619fd34d14db01412611f0ef319fb2886d5319900e
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/sina-morphing.min.css?ver=2.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 250
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-scroll-animation.css?ver=1668434009
108.167.132.218 200 OK 119 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-scroll-animation.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 9b95ac6d5e09bd26c4181c61177aede9
78f873d8b227f8a36288e286466b51850006a388
eecdccc1df3b4eb70296f7e94962fb2e5d601380f3df91cf8876013f1082fe2d
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-scroll-animation.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 119
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/pater.css?ver=1668434009
108.167.132.218 200 OK 623 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/pater.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1562), with no line terminators
Hash 150fc15b43620a045b9300201d33f0dd
fd0a725e26ae1e6bfdc3808f952afce9ba910e59
a8f744762e8ec4a97af1c5f38577cb67a87252f478bc78db3af35f0835a13dba
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/pater.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 623
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
htech.eti.br/wp-content/uploads/elementor/css/post-9.css?ver=1667675408
108.167.132.218 200 OK 2.3 kB URL HTTP/2 htech.eti.br/wp-content/uploads/elementor/css/post-9.css?ver=1667675408
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15116), with no line terminators
Hash 8c753f951fd0460ff2a363109bd66777
bae21b89c06ba398f72d4ee9117e4f81656ec678
823f5da5fe315f8882fbe094b181f124cff1d8efb52f1142c010001a380e1075
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-9.css?ver=1667675408 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sat, 05 Nov 2022 19:10:08 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2318
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
108.167.132.218 200 OK 2.3 kB URL HTTP/2 htech.eti.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6051), with no line terminators
Hash c0a774e614f840a7f380a9aa68f16ac3
d42d9e9c586feba86b3accaf869ca2a365469b54
294b8486de91d8403977d27d636c158fe64ed0c93ce11902ed2f2b10f31d113f
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:45:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2332
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/simple-line-icons.css?ver=1668434009
108.167.132.218 200 OK 1.8 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/simple-line-icons.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8185), with no line terminators
Hash 341234c7562e4ae94ec2a130ba378f86
8452737df999cd035b63f64897ced22ff9dfa2dd
bdcee31d6ef0d98e6e5a20ae355d1554ea2c62b5e5850b60368fd989499f74f0
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/simple-line-icons.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1804
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/slick.css?ver=1668434009
108.167.132.218 200 OK 484 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/slick.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1297), with no line terminators
Hash 97a60504b188d125ebbda98bec5a124e
1c79ba0817bc5cd9238719c508b82d200c399684
76d1873cc1b7600f1fb38d57f7b3403265a2f485c0453638b50a970ed74b6c54
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/slick.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 484
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/css/classic-themes.min.css?ver=1
108.167.132.218 200 OK 189 B URL HTTP/2 htech.eti.br/wp-includes/css/classic-themes.min.css?ver=1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 12:02:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 189
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/animate.css?ver=1668434009
108.167.132.218 200 OK 7.3 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/animate.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65341)
Hash feb356e710300e986ded65565a05e8b7
d8a19f5f75b9cc8d8cb78d25fd83ae8b3c6b0692
118a46343b5531511b0ac469f1ec942e3167b7ee040f035e6c53ad326858a107
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/animate.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 7296
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-248592069-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-248592069-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 472e3c70cff2671db0ae6172bb3e02aa
549eecb2d8b2acbfc25720a3dfdde9fa7bfd02d1
a91c7c4a5d28c5b330674737a29f1643cd3027593115fedf9e77e5144d2980ad
GET /gtag/js?id=UA-248592069-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 21:53:12 GMT
expires: Fri, 18 Nov 2022 21:53:12 GMT
cache-control: private, max-age=900
last-modified: Fri, 18 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43683
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=1668434009
108.167.132.218 200 OK 7.2 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31249)
Hash 2830430e957c4ebd9b9068e3ac37e4f6
1d5510feb37babd54cc0aef263262745999d1277
9808d9cb8b185a856213f1eb1db42630569d52e20b2c75cfe5cbec773e837595
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 7163
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/htflexboxgrid.css?ver=1668434009
108.167.132.218 200 OK 2.9 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/htflexboxgrid.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13243), with no line terminators
Hash 71995b5dbdfb4d6fb22d7a2795d58f91
537c5f0c2d2a8dc82bb33c9490bbe105ef004075
5e53cbe1e1ea8b477d0dcc116e61895db4640d83bf355a63bee8bd097528ec4c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/htflexboxgrid.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2855
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/de-staggering.css?ver=1668434009
108.167.132.218 200 OK 2.0 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/de-staggering.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21045), with no line terminators
Hash 2407d995dcfbc22ca67d607fbf0dd806
0275f1e6f977156687485ded84690da56d76a1a8
e1983b6e0134529685fbb1a2a9d6ea870e518970eb15c8e4e14a9749dcf0b3f3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/de-staggering.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1988
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/de-sticky-frontend.css?ver=1668434009
108.167.132.218 200 OK 183 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/de-sticky-frontend.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 7382dea08081ba92c2c5deb8102e9d9c
98d501688c8a93d7e33168f54a11b5e7f6196e67
a20491a107d3927c160635ec5bae83c27b68718de7c1ddfa322b4e17b704b4b9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/de-sticky-frontend.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 183
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.0
108.167.132.218 200 OK 1.9 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11875)
Hash 20e710220b5a655381a68030fc620a97
2bf7cbe6b77c2d2df4eaf3639df929d5643997de
595c43809e55e9fb938799ae6ef6225e57bb00e09e6b3f7d6a17c6187f0e1320
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1912
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1668434009
108.167.132.218 200 OK 4.1 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19629)
Hash b8678fb6a5777c9f95a6d6af841de013
7842d6618d8d0a8d8b8d4d7c27389960e84ebc6a
4cbe9e7d4061a95977d055fe040554bd3c88e1f40825f45a0778e1fbed77fb1f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 4053
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/elementor/css/post-52.css?ver=1667706300
108.167.132.218 200 OK 3.4 kB URL HTTP/2 htech.eti.br/wp-content/uploads/elementor/css/post-52.css?ver=1667706300
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24784), with no line terminators
Hash eddc923fe4285e152387e2fa9644b3f4
f9bcf89095024b1a104f2f00f1a231ada527ebe2
1d9c3371e77f712a1dc913677cdb0dbbc3650eb3018a6d8c42d31112cfaebb9b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-52.css?ver=1667706300 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 03:45:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 3434
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-de-carousel.css?ver=1668434009
108.167.132.218 200 OK 264 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-de-carousel.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (624), with no line terminators
Hash 4d22963ab1862b9e7c35c30a498d4643
8063a29172f9b0d7268c246e7001682859d1ae89
1ba0b6e2b6c2d14792b5b28aedcc4f0f5d37543126102fe6296c1d34e84f2e4f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-de-carousel.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 264
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/de-product-display.css?ver=1668434009
108.167.132.218 200 OK 1.1 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/de-product-display.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11407), with no line terminators
Hash 7e674f3a43782aed80d965928fe8dac7
8d1a192b4a1c1eacb56d4f3321baaa0d3de1f082
9158bbf2b53fcce035e78167dc715c7e73754102f84263f9300fc826815fdb42
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/de-product-display.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1104
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/elementor/css/post-41.css?ver=1667706271
108.167.132.218 200 OK 3.0 kB URL HTTP/2 htech.eti.br/wp-content/uploads/elementor/css/post-41.css?ver=1667706271
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16386), with no line terminators
Hash 78e76b09260cc60d0aa1e0c3f0674715
82e155ba7537503e8f9e4eb4350657590628e1f0
e0b12cf4f9e404634aa1394a6c42a2b13c48081a1dce7ab960cd6031b6e8c118
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-41.css?ver=1667706271 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 03:44:31 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2986
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
108.167.132.218 200 OK 3.7 kB URL HTTP/2 htech.eti.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15672), with no line terminators
Hash 607799bfa5d48117a95cd9dda8a17c2b
9a969f06c70600b753b160db19a5d37c9d249d10
78f67e192604e0dca624c2dcc8ea7cd6c54e14fe15918e7c9586ec1a22775876
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:45:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 3725
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/elementor/css/post-17.css?ver=1667695365
108.167.132.218 200 OK 9.4 kB URL HTTP/2 htech.eti.br/wp-content/uploads/elementor/css/post-17.css?ver=1667695365
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59428), with no line terminators
Hash c7d98d3558f40429c65f6a2c30706161
3b06a0ca6e33722f87ad396b5c1a31b812f5d40c
86648a38bc712149fe1ff9ed661c6229a94deb25c3c639d76ec1d0e2a3efbb65
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-17.css?ver=1667695365 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 00:42:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 9359
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1668434009
108.167.132.218 200 OK 359 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (902)
Hash e5e78f20bb2b9accb4937ce0bdf88dde
6e5d37fdf61625a2f2ba11c6f37fed48e560950a
fa23a704d0e9efa90986904d39c05680e08cbdb651b08fe79a75e4f6fd2e360b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 359
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/de_loop/ecs-style.css?ver=1668434009
108.167.132.218 200 OK 1.6 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/de_loop/ecs-style.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6483), with no line terminators
Hash 4a9ce98a554bf0e5acf43bddc1411d0d
85a76c91db94543624d846d66d8084bb911ea0f0
a023aad6bcc0de4a6db6405afe09c97d8706e5de36348be543bbdccd5ebaa372
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/de_loop/ecs-style.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1565
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
108.167.132.218 200 OK 2.1 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12953)
Hash 02d8771358fc576ee2d17d04e835e377
73158eae6969d3c54b30d433992d26db89a33eda
1604a6f05f444c86abe4d798e344ae1f3d2ec804bfebbb82ab54500ebae80309
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-box.min.css HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2092
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1668434009
108.167.132.218 200 OK 357 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (904)
Hash 3b755cf88098f9e62502971079c92875
7c5ad9fa5efe69b0821c1c2cc60d10383943881c
a154fb4623adb75dcedb3b23f852d8c3e6a52d72accbe990378ab5a6441231ff
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 357
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
108.167.132.218 200 OK 5.3 kB URL HTTP/2 htech.eti.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 14:26:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 5321
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1668434009
108.167.132.218 200 OK 769 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (474)
Hash 8aafef850ae70ab4b791967e6f22b36d
f91e73eef8bda4c7e683937a008d1477011771a1
ce9943cd9ff8482737d48afe2a8630d1ab057f6c09530a5d01b022abacf1ed75
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 769
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1
108.167.132.218 200 OK 4.3 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11677)
Hash 8a97f5f1635625b5a994cb8f897608be
310a565eb60cb9598201c3802b4711f82c97602d
dfa6f28fdcc6abab9e73f29dd3c263da5c1cf10d31a3c90bd6d4b7b6267afe7a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 4257
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0
108.167.132.218 200 OK 962 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2233)
Hash 55c4564da37f54d4dbf64349ae00ad9b
2e0509df96556ac654074bde62cc2a7c92deff71
d67c3b45b717ac807bc69d8fe69443da7fbd5003d34608bc34da6985f53dcc7b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 962
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
108.167.132.218 200 OK 4.2 kB URL HTTP/2 htech.eti.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b62593186f7f91a9470ab6968ec5feb
bd7728c79c04f4f2f7a787097b0868e06ceba5ad
2a9920dc63cbd8228103c7d6bf2a044f06963041253c385c3cebb147297aa782
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 12:02:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 4233
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
108.167.132.218 200 OK 13 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 12577
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs.js?ver=1668434009
108.167.132.218 200 OK 150 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 54a630acb6fea8e082cc02c8ae9da365
d879e7be16bd0b2d88ce0ce64f00ef92b2330f3e
809feeae3555279875fa48aed4cdbf8a5a738a3ff077c5f9cf0c65a31f76256f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 150
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-icon-box.js?ver=1668434009
108.167.132.218 200 OK 559 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-icon-box.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (791)
Hash 418cb33543b4c12bdfb1a914dd386f3f
baeb217dec4869582a8653d32931b4c335f5cd55
2ca523445c6dc0d9a64c302084aa7dc08d04e9ffac40a61b5a6437f9453285eb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-icon-box.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 559
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1668434009
108.167.132.218 200 OK 360 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (896)
Hash d2bfc53854ba982c3fac734ddc991acf
25ce4c0c5b9e1736e7ec1211b1ca8dda71aa4429
0885f3f0b6d1293587b5d22020f2bf5ddf8031e744d604c6d0998933ebf528af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 360
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
108.167.132.218 200 OK 8.3 kB URL HTTP/2 htech.eti.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 12:02:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 8344
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=1668434009
108.167.132.218 200 OK 39 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash f39beb38bd09e8d2111deec9c1ff2bc1
e1e0ea37ddcc589d890e14e59bd892a320ae4466
89b87d53f74bf77c35b63352937c490fa8e07f70eb549d9307ea8e945fc00bc4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
content-length: 39
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=1668434009
108.167.132.218 200 OK 13 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash cb8df945c867720aa625d699bf84c97f
ef7f1d5fdb649f86725ffda8eb25556a16fd8abb
00a75d8ad7893d5b49de1a8aa889565ff13daa9f05abf986268b30c86157792a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 12736
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/imagesloaded.min.js?ver=4.1.4
108.167.132.218 200 OK 2.1 kB URL HTTP/2 htech.eti.br/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 14 Jun 2020 03:23:28 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2103
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0
108.167.132.218 200 OK 7.7 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21624)
Hash 172667bec56888e050739962545c72d7
fe4723f65e0208d489033acd2b8877d4ad84269c
aeea25e6154739c10be0b414a3f6168aaabf3c2e8c54b8e7a926ad38f16398f7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 7668
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
108.167.132.218 200 OK 7.6 kB URL HTTP/2 htech.eti.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 12:02:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 7621
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
108.167.132.218 200 OK 1.7 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11736)
Hash ba3b4eacf997395a13d014ade75cea18
e4592d4b40c6aea656fbfc59231920091d1735d5
1203dad3ba83f22855841b1998c01b4f3e776c47efac86721eeabbd84156ee5e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1651
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.0
108.167.132.218 200 OK 3.0 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2997
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
108.167.132.218 200 OK 1.7 kB URL HTTP/2 htech.eti.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 20:34:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1712
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-column.js?ver=1668434009
108.167.132.218 200 OK 683 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-column.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (769)
Hash b21ae6d2d49c902faf9ab4272d3d9c10
ad5eb03dd12bc7f5ef1ceab6e27bf36f2c5b02b8
b03e0c9a8de834d583a4277971b8e4d88521c701f7109cec27978f4a661cf05e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-column.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 683
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de-sticky-frontend.js?ver=1668434009
108.167.132.218 200 OK 2.0 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de-sticky-frontend.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1656)
Hash d3ca36006d2aa161a8218010bc89b025
3ff699330fd71fd17c0438d2138eb5e66bbf24a0
0b7e9413988a543db171df1e7f4ce8440bfd35a85a71c90e6a87bf24e4eaa443
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de-sticky-frontend.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1992
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/imagesloaded.pkgd.min.js?ver=6.1.1
108.167.132.218 200 OK 2.0 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/imagesloaded.pkgd.min.js?ver=6.1.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5324)
Hash 422e1b8247953b0b4ec02fef17fd3866
da46bd225bd2c67b4ce27b4d0360dcf421013d3c
178a9f3dda0741a05ab84f556b142af7e3f958ff6669e6770548f90dbc78959e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/imagesloaded.pkgd.min.js?ver=6.1.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2006
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0
108.167.132.218 200 OK 2.5 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5191)
Hash 4f64e047f77f983d784ace34d0416784
dae5c0842ed9fe97a1063ebf6235a825c49cd8c4
21f982a0590251e893874a385b36718a32c372e266ff8ce0e3df957a5bebcb07
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2475
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs_ajax_pagination.js?ver=1668434009
108.167.132.218 200 OK 752 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs_ajax_pagination.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (809)
Hash 57cbf97d73de53259c0f087586173aa2
b9c71e46602213531438e7b85683a6a7c240521b
b4d39305be0466eb47b31c86082330c7f03f1c45c46d7fd70ba4b613a9b1ebac
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs_ajax_pagination.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 752
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
108.167.132.218 200 OK 1.0 kB URL HTTP/2 htech.eti.br/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3164), with no line terminators
Hash b61faf78df8ff0e5446c7fe2b070b144
d98140a3225bbade0a77d7d6001e65148a7ec6b8
3bb0086b96f0d58dc01f13c3d0055c3fe41a4e79e2d1461641ada355763c77c2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:45:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1048
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=1668434009
108.167.132.218 200 OK 442 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (809), with no line terminators
Hash 7d36b05e73b89dadc0104e647537098f
dc030a33305b6934fc4c47c07695ce4256079fed
6ca1a51c13d96fdfd4ee6ae0e59cd6849673df5365e9a98fcab7b7aaca2d48f4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 442
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
108.167.132.218 200 OK 2.3 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash cec23e5a0777df58b888ad2aaa3fe428
3904542fe17b29426f4f964d63e1d45d4bc2f3b7
7ac1b9ea37ea3bcf867bbabd8de828b2e6d7a8e3cb2acaa16b2ae9cbd79b740a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2312
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
108.167.132.218 200 OK 2.7 kB URL HTTP/2 htech.eti.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 20:34:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2675
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/intersectionobserver.js?ver=1668434009
108.167.132.218 200 OK 3.3 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/intersectionobserver.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2779)
Hash aad314767970a0268558ad5c0b8d5ede
bf9006e674466ae24f03960cd5f8a1d149ba1707
c1b69faa92e070da9497c9464dda71474f28329e5036e769357551368eeae571
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/intersectionobserver.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 3272
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/anime.min.js?ver=6.1.1
108.167.132.218 200 OK 8.0 kB URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/anime.min.js?ver=6.1.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17638)
Hash 2bcefaf076f70dc1486762c74348b324
0fb53b24d6d6d1de589f741ca59c4626954c0066
d330ac294bbb9426f2d3a314cb5c89a2d768ebc90f8946779feb13290baf737d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/anime.min.js?ver=6.1.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 8015
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
108.167.132.218 200 OK 13 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 37e06ea4e37d465ce76adb3954eaf201
d1d2f06cdfad134d4638de2ab2bfc54e47d02552
f839cbc0157e8e2efe0bb74b33bfa248b4ebb59d3d968d08124c8263a44dcfa6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 13291
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
108.167.132.218 200 OK 5.4 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36838)
Hash 6b8459dd77d3bf292d833f4c19c40d67
77b37413e5644d5dda83ae0f274f3c4907a861d8
c5d2c259bd4ef1a11bc243e9f098579e79d3b8abe81bdea97a0bb77f3525cdc9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 5365
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1668434009
108.167.132.218 200 OK 4.4 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30283), with no line terminators
Hash c2c381b76f533a3992b1060b1e8275ed
8441603d412df07e265d70d72569bd3ed90c51ee
6b1c02e5f7f5a04d0320c0a69a67651c6c322b81dfcf1ad9ca29e0f7374cf613
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 4436
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.0
108.167.132.218 200 OK 7.1 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24753)
Hash 603f2cfac5d816d609c0d44d3e9251f3
1b82e940ae38eb4936e9fea3a3d2b99b77167696
b8d86cbc15abc6af57ebb34ba3c6f2d4364e7421175e6a8cf68b51dd918613a4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 7104
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
108.167.132.218 200 OK 16 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40474)
Hash 85b4389c079ac11b75c6c592b3ce1dc6
c355e852f0c801191f2138cdeea752d40ec3a078
5dbb8236a5133a22c314a0090ccfcbaa009aeba7d5141cccc67c078c10ad079c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 16151
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
108.167.132.218 200 OK 3.7 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 3747
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/charming.min.js?ver=6.1.1
108.167.132.218 200 OK 354 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/charming.min.js?ver=6.1.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (527), with no line terminators
Hash fd32d53bd29fcba5e18ac177fcea9c34
9f2aaa4d3962b5e5ce1c04b8f0b1330846c8630e
b1c85864baa588948e024228a19c6af9b400f58a06707c2730f068c70b625116
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/charming.min.js?ver=6.1.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 354
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/css/dticon.css?ver=1668434009
108.167.132.218 200 OK 3.1 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/css/dticon.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20034), with no line terminators
Hash a4ba6bbdde7d641efd7b6cf19c75605a
48b2b1ced6a672becc7d54fe186881bf00ab440a
a142b97e770921fb18cc37d0b692cef6c8c9767b7875602f0227ac11692c5c45
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/css/dticon.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 3062
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-migrate-1.4.1-wp.js?ver=1668434009
108.167.132.218 200 OK 5.4 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-migrate-1.4.1-wp.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1745)
Hash aaf640948ee84e3cc208aba0080506fb
bf85715f8a96fa67d15982e4f91edd42709bd190
0cd9f10123513e0e8173feeb60879fb389fc6262e02d69b01d8e3c7a6b487864
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-migrate-1.4.1-wp.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 5395
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/lineMaker.js?ver=1668434009
108.167.132.218 200 OK 1.7 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/lineMaker.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1384)
Hash a544f928c088073f61d248e50a617795
4765bae2144bc911374e5f2ea81191d0fc8f6c6c
c83790e44ae034a60d213ca2aa46499e8b9befae408c7a643f5c032eebcac6bd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/lineMaker.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1746
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/textfx.js?ver=1668434009
108.167.132.218 200 OK 2.2 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/textfx.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7306)
Hash d422a57548e9b1af47b37025f25144b5
91785951d70168d430ce826b034ad968060ef22e
1ab5530e12183a045d7529c1bff9635df520ae48bbfa745df8f75fc2a18e2781
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/textfx.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2203
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/main.js?ver=1668434009
108.167.132.218 200 OK 1.3 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/main.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (740)
Hash e20dbf3681a1ae2dd817274d809633df
3421250a1e80fa55203605308be9e9454bf32eae
a632278ed166d7047723602205ce580c41f7bb121757866ff26bbc014cb0b21d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/main.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 1342
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_staggering/de_staggering.js?ver=1668434009
108.167.132.218 200 OK 2.9 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_staggering/de_staggering.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (578)
Hash d82355d1278efb850852c4e6ba59eb50
b522aca0ea39530eabf883222b0736a1b97b8495
ea58ffdf6149827421158dc97ab4e001499d3bdd93a54890b8e9361cc4b67f33
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_staggering/de_staggering.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2915
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/scrollMonitor.js?ver=1668434009
108.167.132.218 200 OK 3.0 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/scrollMonitor.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8764), with no line terminators
Hash f71ac06c0925c15808b4d31d372ee399
f1ff6747dbc59c126fb7ad22fce88a665e7535fa
40e9f2dbeb3fd8684fb6fe3f59c5651e32b1e3a3bfffef1c9c8d68791d3be3e9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/scrollMonitor.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2974
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_scroll_animation.preview.js?ver=1668434009
108.167.132.218 200 OK 2.6 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_scroll_animation.preview.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (949)
Hash db7b869054d9b5e3571c7dc8678f98f6
a37510691eef2b6d2af05025cf3fba6ebce9ef55
55120645fc136d060d9edd42741b1d85f248baf558930a62cf1286731d759b37
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_scroll_animation.preview.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 2627
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=1668434009
108.167.132.218 200 OK 6.0 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17947), with no line terminators
Hash fdddd64dedce17765814d551df1f52aa
1515e0087910c782fa70b82ac22364ef2ea3e6f7
3f4e7b555f1ad22e5721f4e29f645cd81b00420723fb924de1fc2112076b0c08
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 6017
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
108.167.132.218 200 OK 3.3 kB URL HTTP/2 htech.eti.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8290)
Hash 2449a77badee23a0201f15cf944a9c19
ef49f2c5417427fadfcf2576b2abb36d95219cf6
16e6ae5c7a55506aef550837228b621a5f5a791a3af0ac6ded4a2e41a3fee0f3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 09 Nov 2022 14:14:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 3270
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/chivo/v18/va9I4kzIxd1KFrBoQeM.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/chivo/v18/va9I4kzIxd1KFrBoQeM.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31216, version 1.0\012- data
Hash 9d57cf636bfec7981ca5ce494303afd5
442c8d98b87190d0937dfba2e55b500bfc8a95d8
64aa7a01c38e5f51aa6b7cd48decf2bd9ef228857df6ff47b0f58b38c1bdfc30
GET /s/chivo/v18/va9I4kzIxd1KFrBoQeM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://htech.eti.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 22:58:18 GMT
expires: Fri, 17 Nov 2023 22:58:18 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Nov 2022 15:51:07 GMT
content-type: font/woff2
age: 82495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
216.58.207.195 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21096, version 1.0\012- data
Hash edd1beac8f00071cab3e2db58647ff94
8e8128a2cecf6524557cce4a32eb751f5dbe261d
a3298dd9c080ba992e6b3afd31430a7ec37869a5ecda45b854672ec069af4aab
GET /s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://htech.eti.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 00:59:26 GMT
expires: Thu, 16 Nov 2023 00:59:26 GMT
cache-control: public, max-age=31536000
age: 248027
last-modified: Tue, 23 Aug 2022 18:43:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/kumbhsans/v12/c4ml1n92AsfhuCq6tVsaioBd-Q.woff2
216.58.207.195 200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/kumbhsans/v12/c4ml1n92AsfhuCq6tVsaioBd-Q.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30224, version 1.0\012- data
Hash 36be22721f29ac75d4342891b79854c3
7e6f3a83742896703841449e462922bfe76224ca
9b2d0cbb68f699b93854f9ecfe945428a66c439340416ee9d7fb8ee465fc727a
GET /s/kumbhsans/v12/c4ml1n92AsfhuCq6tVsaioBd-Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://htech.eti.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 08:28:19 GMT
expires: Thu, 16 Nov 2023 08:28:19 GMT
cache-control: public, max-age=31536000
age: 221094
last-modified: Mon, 11 Jul 2022 19:05:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/2022/11/back1.jpg
108.167.132.218 200 OK 167 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/11/back1.jpg
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, progressive, precision 8, 1920x1278, components 3\012- data
Size 167 kB (166687 bytes)
Hash e07cbe5ce49ed160cd88e61e6b93ef07
dbf39dab0be7b5c49a28d2888c6b8393930a9c67
eabd830b6079bc37b7f075f63e74ea2a638718a56e23760d411f10ea166258f6
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/back1.jpg HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/uploads/elementor/css/post-17.css?ver=1667695365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sat, 05 Nov 2022 20:13:18 GMT
accept-ranges: bytes
content-length: 166687
cache-control: max-age=10368000, public
expires: Sat, 18 Mar 2023 21:53:13 GMT
content-type: image/jpeg
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/2022/10/38.jpg
108.167.132.218 200 OK 170 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/38.jpg
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1280, components 3\012- data
Size 170 kB (170527 bytes)
Hash 3b0bf641804d128c2ad1ff31a4b46ddf
7f3f8c2e71144bb399f4df5ebea55b600dadf717
dd8b1d64549e1525017da69dc05142ef151d184b80a3b7466ce39cf76ac59904
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/38.jpg HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/uploads/elementor/css/post-17.css?ver=1667695365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:33:56 GMT
accept-ranges: bytes
content-length: 170527
cache-control: max-age=10368000, public
expires: Sat, 18 Mar 2023 21:53:13 GMT
content-type: image/jpeg
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
htech.eti.br/wp-content/uploads/2022/10/45.jpg
108.167.132.218 200 OK 153 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/45.jpg
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 153 kB (153079 bytes)
Hash 3b44554d87bb801809c55076d2275ce6
b51ae3a9a6fbb84f39c1566c2e600ae33c41661e
cfe600a2abe3b8b93d5118dc8086d3bfc499b1f977bc0a1c69e622d89ddf6444
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/45.jpg HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/uploads/elementor/css/post-41.css?ver=1667706271
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:35:20 GMT
accept-ranges: bytes
content-length: 153079
cache-control: max-age=10368000, public
expires: Sat, 18 Mar 2023 21:53:13 GMT
content-type: image/jpeg
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
108.167.132.218 200 OK 77 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1668434009
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
content-length: 76764
cache-control: max-age=10368000
expires: Sat, 18 Mar 2023 21:53:13 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12455
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 21:53:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12455
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 21:53:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12455
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 21:53:13 GMT
Connection: keep-alive
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-1.12.4-wp.js?ver=1668434009
108.167.132.218 200 OK 43 kB URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-1.12.4-wp.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7adbc82b5eff58b03f07601759238ec6
af4f824edbbd2b4b1dfdddcb7a3189e717663820
556bac84df3f66a8cf26df9078d6f85b6faa07d54b25730db784c45f45e5df7d
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-1.12.4-wp.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30ad43f65949e7e22e73292e3d684f3d
9404b0071027ac7ec0055a9edfbd607e3a8ae501
b97961cbd2245f9927c1c0406451449d28cca24c98c534cace78321ac62eeeb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5955
x-amzn-requestid: fe915fbe-b1dc-4fbd-8a10-1cb46e08f56c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqPjHloIAMFidw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755730-16deb73f48305b0139b1d9bd;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qtpQ9y_8ohoqKpvTx-mWM439VyjZnpmTKKCEAEnknL3CVN8ZkiJaYQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:39:51 GMT
age: 802
etag: "9404b0071027ac7ec0055a9edfbd607e3a8ae501"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 18:45:50 GMT
age: 11243
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35da1192dcadc6e329a9e60c16904301
90a146aef85765630a5e09e46a0a8682e204bec1
816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 48wUhxwMgsEj2J01EWOTCfWLNZPwFrjjXd6V_uSp8yae4YtGTTVlxA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:14:12 GMT
age: 85141
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d0b6106f00f9fd8b89c2d484a559a1a
399ac393209dcdac7d2188d7aa8d95f04570ef7c
5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aJ2STDuogyIQ0s2sAiGgRxkckeYEpq8SDnYiI6bi4tljvH7k1ztsrw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:50:50 GMT
age: 143
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9d32fa3866dd741de610a61a93ad893
4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: RQqPegf6sdVW0qmrGnUo6EORLuT7BRikwhtF08LAxWNCpLGwGZnG8Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:34:18 GMT
age: 1135
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2b393e36ee2c9649d90db136aa49542
e88c5832ff0c49bab181d948c3a510d88343bb6f
8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WpaBFpaCu0GBiHiiQzCCsyXrA7uzesHS92c_PsgxROxPkqjZ8RyI6Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:52:45 GMT
age: 28
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
108.167.132.218 200 OK 13 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1668434009
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
content-length: 13276
cache-control: max-age=10368000
expires: Sat, 18 Mar 2023 21:53:13 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
108.167.132.218 200 OK 78 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1668434009
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
content-length: 78196
cache-control: max-age=10368000
expires: Sat, 18 Mar 2023 21:53:13 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
108.167.132.218 200 OK 454 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 454356, version 1.0\012- data
Size 454 kB (454356 bytes)
Hash b9c06e9a6857fa27f58f460eb07d634b
b248d700ee5a882068c4e63a1102b44d7afc95e4
11c608304b6bba53880c8d448c4d975d74c1db1801cfbca9fe72ff5f3a58f42f
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=1668434009
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 11:54:11 GMT
accept-ranges: bytes
content-length: 454356
cache-control: max-age=10368000
expires: Sat, 18 Mar 2023 21:53:13 GMT
vary: Accept-Encoding
content-type: font/woff
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 2fbe488d41c17bc17f04fadd7f8e4daf
d659b685818d0955ca06708aa3150b75288d91d2
a605134a5a49e88cc0f782f29e766afb170cea4c31edac059bfabad3a19a5048
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141211
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:13 GMT
Etag: "63778364-118"
Expires: Sun, 20 Nov 2022 13:06:44 GMT
Last-Modified: Fri, 18 Nov 2022 13:06:44 GMT
Server: nginx
Content-Length: 280
htech.eti.br/wp-content/uploads/2022/10/black-logoAtivo-1.svg
108.167.132.218 200 OK 5.2 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/black-logoAtivo-1.svg
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (11585), with no line terminators
Hash 5974b8f01fc61621979af3e6cee1f582
927f6c0297f34465d851e08a061270d673d625df
34dee7c2103c5f4bac45125c3a43e119b0e2544109be6866976c238312c3557f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/black-logoAtivo-1.svg HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 03:44:19 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sat, 18 Mar 2023 21:53:13 GMT
content-encoding: gzip
content-length: 5223
content-type: image/svg+xml
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 2fbe488d41c17bc17f04fadd7f8e4daf
d659b685818d0955ca06708aa3150b75288d91d2
a605134a5a49e88cc0f782f29e766afb170cea4c31edac059bfabad3a19a5048
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=141211
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:13 GMT
Etag: "63778364-118"
Expires: Sun, 20 Nov 2022 13:06:44 GMT
Last-Modified: Fri, 18 Nov 2022 13:06:44 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
htech.eti.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
108.167.132.218 200 OK 671 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1320)
Hash 06336a3301ee0a49c87c5b6dd622200e
58894e1a1614214394257edcb009e302cb9c60ca
62b0ea6bbd905f11d687a1fdf9d99dfef393ff5c89a56927fd809313a38d76cc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:13 GMT
content-encoding: gzip
content-length: 671
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js
108.167.132.218 200 OK 1.9 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4970)
Hash da8e2a123736dae745c03ceeb58867a6
ec4591b48e3039a72f293fe48192474cae511cea
d69cc951b64e863b7b4036f41d3bcc0f26b99f957d5786ceafa4fee00b7629d8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Cookie: _ga_EE3NPMCFLC=GS1.1.1668808391.1.0.1668808391.0.0.0; _ga=GA1.1.2088010561.1668808392
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:54:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:13 GMT
content-encoding: gzip
content-length: 1948
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-json/elfsight-instagram-feed/api/instagram?q=me%2Fmedia%3Ffields%3Dcaption%252Cmedia_type%252Cmedia_url%252Cpermalink%252Cthumbnail_url%252Ctimestamp%252Cusername%252Cchildren%257Bmedia_type%252Cmedia_url%252Cthumbnail_url%257D&user_id=b9d4e721-c49c-4ce1-b070-fff2321a719a
108.167.132.218 200 OK 8.7 kB URL HTTP/2 htech.eti.br/wp-json/elfsight-instagram-feed/api/instagram?q=me%2Fmedia%3Ffields%3Dcaption%252Cmedia_type%252Cmedia_url%252Cpermalink%252Cthumbnail_url%252Ctimestamp%252Cusername%252Cchildren%257Bmedia_type%252Cmedia_url%252Cthumbnail_url%257D&user_id=b9d4e721-c49c-4ce1-b070-fff2321a719a
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (15538), with no line terminators
Hash 66263ec2f06d9a0b984df5331a6ef814
c1c84e06487bcf584fe74794af3d962df720e037
7e26fec7390ec67d68078480d5effff94d105549f0d9ecc7e388e0028520565b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-json/elfsight-instagram-feed/api/instagram?q=me%2Fmedia%3Ffields%3Dcaption%252Cmedia_type%252Cmedia_url%252Cpermalink%252Cthumbnail_url%252Ctimestamp%252Cusername%252Cchildren%257Bmedia_type%252Cmedia_url%252Cthumbnail_url%257D&user_id=b9d4e721-c49c-4ce1-b070-fff2321a719a HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://htech.eti.br/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-robots-tag: noindex
link: <https://htech.eti.br/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
vary: Accept-Encoding
cache-control: max-age=0
expires: Fri, 18 Nov 2022 21:53:13 GMT
content-encoding: gzip
content-length: 8656
content-type: application/json; charset=utf-8
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
108.167.132.218 200 OK 67 kB URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65280)
Hash da9a85c360e702315339b234ed7797da
dc0d037278b8ba35d7d94f1b37ce4d403f0d1c3a
c8a135cda130a3ec800f1c961d38cd661f3c2ca2482c6e7b37b2396c542104ea
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Cookie: _ga_EE3NPMCFLC=GS1.1.1668808391.1.0.1668808391.0.0.0; _ga=GA1.1.2088010561.1668808392
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:13 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/2022/10/fav-150x150.png
108.167.132.218 200 OK 8.0 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/fav-150x150.png
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash a64169afac71a64c2f837062f360fb58
aa914c618f490d2b61e54cb94d566b9521e327bc
c10932143fa7269edc840f53323d6155c8d7d4ed3f56ca13d1e6f7bb0bfa8dbd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/fav-150x150.png HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Cookie: _ga_EE3NPMCFLC=GS1.1.1668808391.1.0.1668808391.0.0.0; _ga=GA1.1.2088010561.1668808392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 15:58:30 GMT
accept-ranges: bytes
content-length: 8025
cache-control: max-age=10368000, public
expires: Sat, 18 Mar 2023 21:53:14 GMT
content-type: image/png
date: Fri, 18 Nov 2022 21:53:14 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/uploads/2022/10/fav-300x300.png
108.167.132.218 200 OK 19 kB URL HTTP/2 htech.eti.br/wp-content/uploads/2022/10/fav-300x300.png
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 300, 8-bit gray+alpha, non-interlaced\012- data
Hash 653e3161142929727cd801004eb744e1
ce9c3be577f3a9afb7b355073e1c0198d615d527
e048684575fcbbce8e6548a6b92640724337e62ad37a3f64a4e814b42649acb8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/fav-300x300.png HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Cookie: _ga_EE3NPMCFLC=GS1.1.1668808391.1.0.1668808391.0.0.0; _ga=GA1.1.2088010561.1668808392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 15:58:30 GMT
accept-ranges: bytes
content-length: 19346
cache-control: max-age=10368000, public
expires: Sat, 18 Mar 2023 21:53:14 GMT
content-type: image/png
date: Fri, 18 Nov 2022 21:53:14 GMT
server: Apache
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-EE3NPMCFLC&gtm=2oeb90&_p=1732027926&gdid=dZTNiMT&cid=2088010561.1668808392&ul=en-us&sr=1280x1024&_s=1&sid=1668808391&sct=1&seg=0&dl=https%3A%2F%2Fhtech.eti.br%2F&dt=Tecnologia%20para%20Escrit%C3%B3rios%20-%20HTech.ETI&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-EE3NPMCFLC&gtm=2oeb90&_p=1732027926&gdid=dZTNiMT&cid=2088010561.1668808392&ul=en-us&sr=1280x1024&_s=1&sid=1668808391&sct=1&seg=0&dl=https%3A%2F%2Fhtech.eti.br%2F&dt=Tecnologia%20para%20Escrit%C3%B3rios%20-%20HTech.ETI&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EE3NPMCFLC&gtm=2oeb90&_p=1732027926&gdid=dZTNiMT&cid=2088010561.1668808392&ul=en-us&sr=1280x1024&_s=1&sid=1668808391&sct=1&seg=0&dl=https%3A%2F%2Fhtech.eti.br%2F&dt=Tecnologia%20para%20Escrit%C3%B3rios%20-%20HTech.ETI&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://htech.eti.br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://htech.eti.br
date: Fri, 18 Nov 2022 21:53:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df5392604a77d6d86a577961fc58a356
97743574899cb3fb9cb1a4f2b0ce11db786b61c9
379c68205005b2708f58413c1b36b8c8c45f5455953dbd0727540f15c85ded5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4218
Cache-Control: max-age=160586
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:14 GMT
Etag: "6377be9a-1d7"
Expires: Sun, 20 Nov 2022 18:29:40 GMT
Last-Modified: Fri, 18 Nov 2022 17:19:22 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df5392604a77d6d86a577961fc58a356
97743574899cb3fb9cb1a4f2b0ce11db786b61c9
379c68205005b2708f58413c1b36b8c8c45f5455953dbd0727540f15c85ded5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4218
Cache-Control: max-age=160586
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:14 GMT
Etag: "6377be9a-1d7"
Expires: Sun, 20 Nov 2022 18:29:40 GMT
Last-Modified: Fri, 18 Nov 2022 17:19:22 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df5392604a77d6d86a577961fc58a356
97743574899cb3fb9cb1a4f2b0ce11db786b61c9
379c68205005b2708f58413c1b36b8c8c45f5455953dbd0727540f15c85ded5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4218
Cache-Control: max-age=160586
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:53:14 GMT
Etag: "6377be9a-1d7"
Expires: Sun, 20 Nov 2022 18:29:40 GMT
Last-Modified: Fri, 18 Nov 2022 17:19:22 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
scontent-hou1-1.cdninstagram.com/v/t51.29350-15/315352109_1086284302069185_2733292324981259162_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=w4wDuvLXizkAX8mhmft&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfA6kPQ30qI-UZt3nOxzO-M38dxD4Jtm1uwn1ekJ-sAeBw&oe=637C0326
157.240.24.63 200 OK 49 kB URL HTTP/2 scontent-hou1-1.cdninstagram.com/v/t51.29350-15/315352109_1086284302069185_2733292324981259162_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=w4wDuvLXizkAX8mhmft&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfA6kPQ30qI-UZt3nOxzO-M38dxD4Jtm1uwn1ekJ-sAeBw&oe=637C0326
IP 157.240.24.63:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x540, components 3\012- data
Hash 9cfaac6b51f495bbdee1ae59cdcc1522
0a8e93b92bc57d1e41293ce75dc3d53cac77867b
6d3d0a8298cf63b054ca75d09603b1c32e10a936ca76299145deba124b601ca1
GET /v/t51.29350-15/315352109_1086284302069185_2733292324981259162_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=w4wDuvLXizkAX8mhmft&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfA6kPQ30qI-UZt3nOxzO-M38dxD4Jtm1uwn1ekJ-sAeBw&oe=637C0326 HTTP/1.1
Host: scontent-hou1-1.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sun, 13 Nov 2022 02:27:11 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1480240169
x-needle-checksum: 2331555815
content-digest: adler32=2331555815
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 49191
x-fb-trip-id: 1679558926
date: Fri, 18 Nov 2022 21:53:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-hou1-1.cdninstagram.com/v/t51.29350-15/314877133_640173401106909_7881047570014474307_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=t76fyMpUY8cAX8OZTOc&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCGqLkZH8xsFKdf0KR3UqD0EGB3GiaiPapTMEuoqDGIQg&oe=637DA95E
157.240.24.63 200 OK 61 kB URL HTTP/2 scontent-hou1-1.cdninstagram.com/v/t51.29350-15/314877133_640173401106909_7881047570014474307_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=t76fyMpUY8cAX8OZTOc&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCGqLkZH8xsFKdf0KR3UqD0EGB3GiaiPapTMEuoqDGIQg&oe=637DA95E
IP 157.240.24.63:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x960, components 3\012- data
Hash d9cb6c62dc9b38c82990ef8109f6db12
14a3b81311ea6f7b87017495f2758086886d0be1
5f241c94cf47385197a0c6816a9f1dedb49f1cc33599b4478e74d53746c8afc3
GET /v/t51.29350-15/314877133_640173401106909_7881047570014474307_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=t76fyMpUY8cAX8OZTOc&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCGqLkZH8xsFKdf0KR3UqD0EGB3GiaiPapTMEuoqDGIQg&oe=637DA95E HTTP/1.1
Host: scontent-hou1-1.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 09 Nov 2022 02:52:58 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1116525140
x-needle-checksum: 3061993380
content-digest: adler32=3061993380
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 60877
x-fb-trip-id: 1679558926
date: Fri, 18 Nov 2022 21:53:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-hou1-1.cdninstagram.com/v/t51.29350-15/314605879_521336369581841_8399242595015892820_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=kmaxwF-wgyIAX9Q2Po-&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBx_fg2RphbRd9X0n420nVjAbzHdUymBAQDJLAczvFUeQ&oe=637D2823
157.240.24.63 200 OK 42 kB URL HTTP/2 scontent-hou1-1.cdninstagram.com/v/t51.29350-15/314605879_521336369581841_8399242595015892820_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=kmaxwF-wgyIAX9Q2Po-&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBx_fg2RphbRd9X0n420nVjAbzHdUymBAQDJLAczvFUeQ&oe=637D2823
IP 157.240.24.63:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x540, components 3\012- data
Hash bbd3b5761a6402bb9b39e330e552285c
8ed37b1f7cd672072e03bb4b8d9fbd4c44df9c31
404ccd3969870972e2aea4b1adc28b61c98a764137f79a75438297ae730e6a8b
GET /v/t51.29350-15/314605879_521336369581841_8399242595015892820_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=kmaxwF-wgyIAX9Q2Po-&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBx_fg2RphbRd9X0n420nVjAbzHdUymBAQDJLAczvFUeQ&oe=637D2823 HTTP/1.1
Host: scontent-hou1-1.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 06 Nov 2022 13:31:00 GMT
content-type: image/jpeg
x-needle-checksum: 1619157261
content-digest: adler32=1619157261
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 42105
x-fb-trip-id: 1679558926
date: Fri, 18 Nov 2022 21:53:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-hou1-1.cdninstagram.com/v/t51.29350-15/314246119_474870897951979_3023203605701921879_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=CvJ-3u5FeEwAX8_R6yO&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfC0oIyYzpbXAOwNNbGFwJJhdXzvzOrthcDJmQuoD_J_7g&oe=637C3169
157.240.24.63 200 OK 45 kB URL HTTP/2 scontent-hou1-1.cdninstagram.com/v/t51.29350-15/314246119_474870897951979_3023203605701921879_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=CvJ-3u5FeEwAX8_R6yO&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfC0oIyYzpbXAOwNNbGFwJJhdXzvzOrthcDJmQuoD_J_7g&oe=637C3169
IP 157.240.24.63:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x540, components 3\012- data
Hash 939ce1f250ac36bb00d03ee503e70414
5744b019b1082758324d50a33fa87b5fe02f9803
3b508adb368c370c62c7e7ec6a7e760426b843c01d5d8044b3e800806ebc64c1
GET /v/t51.29350-15/314246119_474870897951979_3023203605701921879_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=CvJ-3u5FeEwAX8_R6yO&_nc_ht=scontent-hou1-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfC0oIyYzpbXAOwNNbGFwJJhdXzvzOrthcDJmQuoD_J_7g&oe=637C3169 HTTP/1.1
Host: scontent-hou1-1.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 04 Nov 2022 12:53:21 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1477845839
x-needle-checksum: 3205911137
content-digest: adler32=3205911137
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 45374
x-fb-trip-id: 1679558926
date: Fri, 18 Nov 2022 21:53:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05289172c1455c4134e496c6f4606efd
ce1bb33256b0754f9acc01e7e9f3e5dc85f89244
a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:27 GMT
age: 86273
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=1668434009
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 16 Nov 2022 01:45:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elfsight-instagram-feed-cc/assets/elfsight-instagram-feed.js?ver=1668434009
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elfsight-instagram-feed-cc/assets/elfsight-instagram-feed.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elfsight-instagram-feed-cc/assets/elfsight-instagram-feed.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.7.4
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.7.4
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.7.4 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/fonts/dticon.ttf?7luiwh
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/fonts/dticon.ttf?7luiwh
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/fonts/dticon.ttf?7luiwh HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/css/dticon.css?ver=1668434009
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 20:31:24 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sat, 18 Mar 2023 21:53:13 GMT
content-encoding: gzip
content-type: font/ttf
date: Fri, 18 Nov 2022 21:53:13 GMT
server: Apache
X-Firefox-Spdy: h2
demo.sociolib.com/evenue/wp-content/uploads/sites/12/2021/12/New-Project.png
104.21.0.250 404 Not Found 0 B URL HTTP/2 demo.sociolib.com/evenue/wp-content/uploads/sites/12/2021/12/New-Project.png
IP 104.21.0.250:0
GET /evenue/wp-content/uploads/sites/12/2021/12/New-Project.png HTTP/1.1
Host: demo.sociolib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 18 Nov 2022 21:53:13 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L31VEr67JgCH22ExG6GNYNjHimlvzz3aih8UKYDaI0h782UQZyfvvENij6SXVyRN23maaTDcyqHQHBTVk860Y1v%2BvUXdLyHbyw2JatQAEBa44OzB3IVG0biYy3RWMaFKs%2FUtXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c3f00b4ebab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
htech.eti.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 13:48:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_reveal_animation.preview.js?ver=1668434009
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_reveal_animation.preview.js?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_reveal_animation.preview.js?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-length: 7883
content-type: application/javascript; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-widgets.css?ver=1668434009
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-widgets.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-widgets.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1668434009
108.167.132.218 200 OK 0 B URL HTTP/2 htech.eti.br/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1668434009
IP 108.167.132.218:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1668434009 HTTP/1.1
Host: htech.eti.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 13:53:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 18 Nov 2023 21:53:12 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Fri, 18 Nov 2022 21:53:12 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Space+Grotesk%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CKumbh+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Space+Grotesk%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CKumbh+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=Space+Grotesk%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CKumbh+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://htech.eti.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 21:53:12 GMT
date: Fri, 18 Nov 2022 21:53:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2