r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3914
Expires: Mon, 26 Sep 2022 22:44:18 GMT
Date: Mon, 26 Sep 2022 21:39:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 21:15:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1Lg9-7T56XjOGoD2aZ3s6-hEljd5VQikssSKp7sKxrxCeDhVdU7ejw==
Age: 1422
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hnGRqH2N3l2yzoK2DiwLPaXVAZq5EphLRSUF5O2Z25Od2I2LFKfu_Q==
age: 61429
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:39:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 21:10:46 GMT
Expires: Mon, 26 Sep 2022 21:35:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Koo45XJJohMyaiQG31qEl7Wmmgy3bfcrskuH127xX3FoS-x20M5eJQ==
Age: 1699
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4394
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:39:05 GMT
Last-Modified: Mon, 26 Sep 2022 20:25:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.217.251 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.217.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yQWZLNpeuA1xoxWdCrshXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QgpOyJrKaoJdrY2d+oQJweZi1mk=
heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
162.241.6.158 301 Moved Permanently 20 B URL HTTP/1.1 heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de HTTP/1.1
Host: heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 21:39:03 GMT
Server: Apache
X-UA-Compatible: IE=edge
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Location: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
Content-Length: 20
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6732
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 21:39:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6732
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 21:39:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6732
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 21:39:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 84530
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGRBCfCtZkeYhbTpaE18IpIgUtOHyttE-0hRk8fWVB9sJS2rSbP22g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
age: 84814
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d79a3a5bd7dc7aa6cab306176fafd11
0d5cb1f3e3ea510308034a5e569c0e65fae30835
57979dfcf6fdc76f04e4790c2b94b876e188ac780aa49d9bfc8a58c498dc4203
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: e7b997d7-f9ce-40c6-b9bb-372ee10d8ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTAfEX5oAMFcHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb9c-31e295e33ead940f381121a1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:43:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p7rimTrmOgUnwPuESSKSrsWlzhiSBJYx9h8XIacxP8DUyyvXye2iyg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:56 GMT
age: 85750
etag: "0d5cb1f3e3ea510308034a5e569c0e65fae30835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a75be68e82e6a0ba74932fbe74c7b30
36310320605833289e78cd248c45915363a0a0c3
56d709b77802037254b7922e3f85d1b1652b70dfc4b6c65b03e4149d3b1f22ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6443
x-amzn-requestid: b6f3be01-6086-4fc1-8bec-c4caa1fe806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKMG04IAMFRxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca41-5452d1805d3f4d71303142c9;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tx-lL61dT3iakJd8VZw31hzMklubUDBQxE6LBhxsJUqyMM0bqCk73g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:07:18 GMT
age: 84708
etag: "36310320605833289e78cd248c45915363a0a0c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: igIWZ2IhMA_GIovp4HgIHtGeDt5xoX0iThoQFKjnNJUYP_uMdO7FHw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 00:33:08 GMT
age: 75958
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 84769
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
162.241.6.158 404 Not Found 6.0 kB URL HTTP/1.1 www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2362), with CRLF, LF line terminators
Hash a1b62069d54091c5e34c35fdb73f8f3d
62a4e29ec97f772049ed3387afa789eca184ebb2
8e9fec4ea915b63923963d23027d29717b40c410625ef49a062d2a8e839c07c9
GET /first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Mon, 26 Sep 2022 21:39:05 GMT
Server: Apache
X-UA-Compatible: IE=edge
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.heatd.com.br/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.heatd.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.3.13
162.241.6.158 200 OK 6.1 kB URL HTTP/1.1 www.heatd.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.3.13
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (41045), with no line terminators
Hash e249e51bc3661ceb614f1ad31574c939
ca981ab391193e11e93775f3c25abc452b0e3908
950b57fc13a5c515fffe9c67a69da06e9e833430253210d0cd9fe4aff93d667f
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.13 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6132
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.13
162.241.6.158 200 OK 639 B URL HTTP/1.1 www.heatd.com.br/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.13
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1939), with no line terminators
Hash 7bc046e2d43575a56470413ceaf2e9c6
1a93c387571254e813c6e71c534040ab07d235f1
a50dc7bbede056afd28a916cb96e82d8d3eebecd474eba54110d2908f595402b
GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.3.13 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 639
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-content/themes/oceanwp/assets/css/third/magnific-popup.min.css?ver=1.0.0
162.241.6.158 200 OK 1.6 kB URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/css/third/magnific-popup.min.css?ver=1.0.0
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5235), with no line terminators
Hash 7b7838417749ab97b22ac367fa66349e
194584047ca244dcdadda26052a13615631af2d7
4d178fa2f64746d5ed4b1d2a4b6fbcddb33b964d5d9fb2d6f3659a997c77db81
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/oceanwp/assets/css/third/magnific-popup.min.css?ver=1.0.0 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1553
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
162.241.6.158 200 OK 2.4 kB URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10909), with no line terminators
Hash f8228230f140ee1f788ce507dc7c9735
15ed9316c2297317cae21e3b2d6a7097629ea5a5
bbedc007a57fd6aca1984ff7ade0743ec33c6a8e53e9c261a1520f662cc3db06
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2439
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.11.2
162.241.6.158 200 OK 12 kB URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.11.2
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56656)
Hash ecd8a82398cc6e1271a8351d733a21eb
fdd8f759a03ed0c167c73e648fda5174ee6eb3f8
87590f0e3a2e7b426fd39b055a68d8f7e07bd88de76e9f674cafebf9c01c94af
GET /wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.11.2 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12347
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-content/plugins/wp-megamenu/assets/css/wpmm.css?ver=1.3.5
162.241.6.158 200 OK 8.5 kB URL HTTP/1.1 www.heatd.com.br/wp-content/plugins/wp-megamenu/assets/css/wpmm.css?ver=1.3.5
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1533a406fd74ac722d3e0a5e0a34c848
967aa8d226b2c8f2dbaa98a4a3b22b48ad29a9d7
c66a3a362c09f9dbd341b142e9f1bc800e028f5497b47681ab3f8717271d842d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-megamenu/assets/css/wpmm.css?ver=1.3.5 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8528
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-content/themes/oceanwp/assets/css/third/slick.min.css?ver=1.6.0
162.241.6.158 200 OK 586 B URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/css/third/slick.min.css?ver=1.6.0
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1618), with no line terminators
Hash cb400ae0071d4ce217878ce99e42c195
4bd8d07966054867434f23be631e5e22f9ccb2c7
c17866b81de57c865451114254e270d43f6d2a85dbabcf6175d1509d7c98e1ec
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/oceanwp/assets/css/third/slick.min.css?ver=1.6.0 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 586
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-includes/css/dashicons.min.css?ver=5.3.13
162.241.6.158 200 OK 28 kB URL HTTP/1.1 www.heatd.com.br/wp-includes/css/dashicons.min.css?ver=5.3.13
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (47529)
Hash a90a88620f0674bd9f3513bc08163837
51fbb6809692541a3b2022048f0f509ff26d1b6b
87389a63f1fa87832527f41bc873850d689b9c1da632b18315483100f654ed68
GET /wp-includes/css/dashicons.min.css?ver=5.3.13 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28487
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=5.3.13
162.241.6.158 200 OK 5.7 kB URL HTTP/1.1 www.heatd.com.br/wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=5.3.13
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (37001)
Hash c4a740f0a8adff1a27aaeef8a1074753
c869df5e6a7484a6b54997529cbeec2985670f8a
e0b84442e9260604e1bc086b3db0d2e62632a495dd0665f2c41f994b34d708eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=5.3.13 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5671
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
162.241.6.158 200 OK 4.0 kB URL HTTP/1.1 www.heatd.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4014
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.js?ver=1
162.241.6.158 200 OK 241 B URL HTTP/1.1 www.heatd.com.br/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.js?ver=1
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 997c8726d6578f71fb4cfdde2ab7243e
b9d04016ff8a43d46686a4de91520d65c471808b
e7fbd3a9c19cd3596162f806a2767127d24b6c27f80820b0393ad324241f2fa6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.js?ver=1 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 241
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.js?ver=1
162.241.6.158 200 OK 829 B URL HTTP/1.1 www.heatd.com.br/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.js?ver=1
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4884617f24c0e5a635c4f552706331bf
1047fcc95fabfb686e8de8f8dd865290ea1d09bf
e0d1aa0a3ac486c8cdb86707868f465c6f6d9290e69e7e4c24227303cb9783ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.js?ver=1 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 829
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-content/plugins/wp-megamenu/assets/js/wpmm.js?ver=1.3.5
162.241.6.158 200 OK 1.8 kB URL HTTP/1.1 www.heatd.com.br/wp-content/plugins/wp-megamenu/assets/js/wpmm.js?ver=1.3.5
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 9c268e7bc916d59cdee1b2ef7f618a7a
1965080629d240dfb1df74b0f5c2b34f59308d81
28bb1eef00f975d10ba8de3931b93d1259f41e946b9b1a553eb3695231239d62
GET /wp-content/plugins/wp-megamenu/assets/js/wpmm.js?ver=1.3.5 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1772
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-includes/js/imagesloaded.min.js?ver=3.2.0
162.241.6.158 200 OK 2.6 kB URL HTTP/1.1 www.heatd.com.br/wp-includes/js/imagesloaded.min.js?ver=3.2.0
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7996)
Hash 38b694df325f3d381d4d839d33cfb59c
82c4d20653dc93197b17e84a7b1274dac4f49588
e220e69ff51b9e853e6206a7d3204c8129e175141f5dd4e93e67a72fefdaa3b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=3.2.0 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2551
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
162.241.6.158 200 OK 34 kB URL HTTP/1.1 www.heatd.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33776
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-content/themes/oceanwp/assets/css/style.min.css?ver=1.7.7
162.241.6.158 200 OK 23 kB URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/css/style.min.css?ver=1.7.7
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65531), with no line terminators
Hash 395901d2345cecaaa2a7e329402931b1
3b6f95e4f440e4f688645aeb277819e3897a9f58
80129223af52e7edb88e5f58afbd32b527d3c56f101c739586927c297de2bea3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/oceanwp/assets/css/style.min.css?ver=1.7.7 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:06 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 23344
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-content/themes/oceanwp/assets/js/third/lightbox.min.js?ver=1.7.7
162.241.6.158 200 OK 561 B URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/js/third/lightbox.min.js?ver=1.7.7
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1248), with no line terminators
Hash 3021979baa35cbaca1044009506c140b
3c1c729ccc7f264be8ee7d6a3b052617e13529c5
01139d86a2a3cd2dbbe3214e432977b2eb4711d7b6d60a6246ee0903a5feb000
GET /wp-content/themes/oceanwp/assets/js/third/lightbox.min.js?ver=1.7.7 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 561
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-content/themes/oceanwp/assets/js/third/magnific-popup.min.js?ver=1.7.7
162.241.6.158 200 OK 7.2 kB URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/js/third/magnific-popup.min.js?ver=1.7.7
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19923), with no line terminators
Hash e34454c1274aa48c197c9fbb9d94e689
86ae1777b5330845f10ce9813b5afd705d3e09bf
344830e5bb0fb660c99f18273d63fdb1bc698dbed1c98dacf5cceb6dfe8be3bf
GET /wp-content/themes/oceanwp/assets/js/third/magnific-popup.min.js?ver=1.7.7 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7188
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-includes/js/wp-embed.min.js?ver=5.3.13
162.241.6.158 200 OK 739 B URL HTTP/1.1 www.heatd.com.br/wp-includes/js/wp-embed.min.js?ver=5.3.13
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
GET /wp-includes/js/wp-embed.min.js?ver=5.3.13 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 739
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.3.13
162.241.6.158 200 OK 4.6 kB URL HTTP/1.1 www.heatd.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.3.13
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10927)
Hash cecddf5ddbcefd9b5e6e2c9ccf2b0f88
47af5b49999884a7baa802269b58844df86adda3
17273e8bdfa2d374b963fda5ed3fff219ee4d53031356c6181430f92aea473e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.13 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4619
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.css?ver=1
162.241.6.158 200 OK 322 B URL HTTP/1.1 www.heatd.com.br/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.css?ver=1
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0ac73be967a7d9131bf650f7e6de3efe
8b0bb91396f4633a7052b414b9f8094d67e3f043
2a03fb03aabb20daeadcbf6840b84aa8fc24ab6be1480d229a7658569a691bc4
GET /wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.css?ver=1 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 322
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.css?ver=1
162.241.6.158 200 OK 1.5 kB URL HTTP/1.1 www.heatd.com.br/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.css?ver=1
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 24e1c39637e0caf2c12f24f3ef1539d6
4f792a04ed8283732d1c20aae832953243bca420
207687845d5a08951e67ec9810b07a58b22e1e824cf4a7150ad5d367411df0c6
GET /wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.css?ver=1 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1484
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.heatd.com.br/wp-content/themes/oceanwp/assets/js/main.min.js?ver=1.7.7
162.241.6.158 200 OK 33 kB URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/js/main.min.js?ver=1.7.7
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 89f347680269e42fdabbf148f8129c66
2f5ab5f51fc89ad6d21630522c2dc50023af28cd
3621699d31ff0812f82192d82ae30e1d6229e780b4e1195c475eed18b57ab7e2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/oceanwp/assets/js/main.min.js?ver=1.7.7 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.heatd.com.br/first/login.php?cmd=login_submit&id=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de&session=9fa57cc90b7a0565af4e930c306e90de9fa57cc90b7a0565af4e930c306e90de
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33061
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.heatd.com.br/wp-content/uploads/2020/03/cropped-logo_branco.png
162.241.6.158 200 OK 3.0 kB URL HTTP/1.1 www.heatd.com.br/wp-content/uploads/2020/03/cropped-logo_branco.png
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 58, 8-bit colormap, non-interlaced\012- data
Hash 6b770fceeb4a1494c4838af1724f876e
e2f456080aa30f642b13f629a946949d84f5e4f1
544c1e682d7b848175293c5137fec025fcbd71780bef6add877e706fedae1d70
GET /wp-content/uploads/2020/03/cropped-logo_branco.png HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.heatd.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Content-Length: 2982
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
www.heatd.com.br/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
162.241.6.158 200 OK 30 kB URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 30064, version 1.0\012- data
Hash 0cb0b9c589c0624c9c78dd3d83e946f6
5da603104d4d6e362824ec9e7db32eb2d617949a
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.heatd.com.br/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Content-Length: 30064
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
www.heatd.com.br/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
162.241.6.158 200 OK 76 kB URL HTTP/1.1 www.heatd.com.br/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 75728, version 330.32636\012- data
Hash 44d537ab79f921fde5a28b2c1636f397
b2879f9e1d0985a96842bf7f55a2b2cc4c636d04
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.heatd.com.br/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.11.2
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Content-Length: 75728
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
www.heatd.com.br/loja/media/wysiwyg/images/logo-rodape-new.png
162.241.6.158 200 OK 2.4 kB URL HTTP/1.1 www.heatd.com.br/loja/media/wysiwyg/images/logo-rodape-new.png
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 134 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash c6931f62d4b1b0fb7643f2e685c6dc04
a94e5ea8ac204cbe0419f3a83b845e81bc8cb7e6
a4560451eb79c8748cebd09fc5e32f109b57435cb50b7cec24b83acd5e008c7a
GET /loja/media/wysiwyg/images/logo-rodape-new.png HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.heatd.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 18:34:58 GMT
Accept-Ranges: bytes
Content-Length: 2428
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
www.heatd.com.br/wp-content/uploads/2020/03/pagseguro.png
162.241.6.158 200 OK 18 kB URL HTTP/1.1 www.heatd.com.br/wp-content/uploads/2020/03/pagseguro.png
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 218 x 119, 8-bit/color RGBA, non-interlaced\012- data
Hash 38b4b90c391729e50b4a7aa9e9454ef3
7e311e78f5f5c4e60f172cca804a89dd31b05932
d5fba628ac24c65fa3c153ba02ab6052149776666e72076a3f765b0019769712
GET /wp-content/uploads/2020/03/pagseguro.png HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.heatd.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Content-Length: 18457
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
www.heatd.com.br/wp-content/uploads/2020/03/cropped-favicon-32x32.png
162.241.6.158 200 OK 932 B URL HTTP/1.1 www.heatd.com.br/wp-content/uploads/2020/03/cropped-favicon-32x32.png
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 1ec5ad7776f2fea05c2bf120298239fb
a0adeba04fe2ef6925f5fbfcfbe543d6b1e34ca2
1d1e611b0e082f7735bcecb40e4739be6c65d47e6c82263ccc73217b1a51590d
GET /wp-content/uploads/2020/03/cropped-favicon-32x32.png HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.heatd.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:25 GMT
Accept-Ranges: bytes
Content-Length: 932
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.heatd.com.br/wp-content/uploads/2020/03/cropped-favicon-192x192.png
162.241.6.158 200 OK 5.7 kB URL HTTP/1.1 www.heatd.com.br/wp-content/uploads/2020/03/cropped-favicon-192x192.png
IP 162.241.6.158:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a7114aabc5dd3fdf13372d21cffc9e2c
e94308f03cca2302b33df514e659886dc0d32d0d
944a727049b4368e022a41dfdfe9a623c12a41d7f555ab7d537689e1dd0ddb08
GET /wp-content/uploads/2020/03/cropped-favicon-192x192.png HTTP/1.1
Host: www.heatd.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.heatd.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:39:07 GMT
Server: Apache
Last-Modified: Fri, 20 Nov 2020 11:47:26 GMT
Accept-Ranges: bytes
Content-Length: 5698
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png