www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
173.236.198.83301 Moved Permanently 301 B URL HTTP/1.1 www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
IP 173.236.198.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bbe8ca03ed12a61cd7e3906634b69f32
c06ea1e5ee74985daaca72408ff3ff32a32baee2
1750f05a178e079ef0f3a146d1fb30ae2e10901226a37b9087f812aefeeaf605
GET /chaseclean/login/auth.php?country.x&locale-8731002x=e?_ HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 18:05:39 GMT
Server: Apache
Location: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Content-Length: 301
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 17:35:23 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DpGFW73Suufh6SmASvtsydNQrhy1Nr5iN7PVk_mwaEzywpr7nHOVxg==
Age: 1815
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5542
Expires: Tue, 04 Oct 2022 19:38:02 GMT
Date: Tue, 04 Oct 2022 18:05:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1073a68ed38c8e3575e889224db944c
ee2a7a3e2da77a8540131f9ffaa0a20d4dd486bd
a9fb1f7ade7c8a79d2ee83e9b7215e66dc89ac733b11079297a8f4b9aceae1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4280
Expires: Tue, 04 Oct 2022 19:17:00 GMT
Date: Tue, 04 Oct 2022 18:05:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: M6V1kE5VymXKyX/VB9JBKL8TACqKxA+c68bYmbCb/3TqfYq4ySfgcXwONriFIxWIimVD98W55YA=
x-amz-request-id: W7M6T3ZGHYNS8JNX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 17:52:34 GMT
age: 786
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 18:05:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 17:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 18:21:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BVaENmI-uwNWj3wMleKBrQXgognDeWw8rNJUL1G-c0aZGXjHmwpnSQ==
Age: 2167
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5156
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 18:05:40 GMT
Last-Modified: Tue, 04 Oct 2022 16:39:44 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 18:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.edsonguilherme.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
173.236.198.83200 OK 12 kB URL HTTP/2 www.edsonguilherme.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 173.236.198.83:0
File type ASCII text, with very long lines (43771)
Hash 01af64d1d773c4d1b075283c9311884c
c56074a16e0f231c3c3a6c994cc5b9da5def2b7e
b2d553ec760d86a7f81e45a416b7d9907a82c9046df79ffde3ab9070155569fb
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Tue, 12 Jul 2022 23:45:22 GMT
etag: "15b64-5e3a4431076bc-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 12154
content-type: text/css
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
173.236.198.83404 Not Found 25 kB URL HTTP/2 www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
IP 173.236.198.83:0
Hash 8ecfbd7e5af10b070a517c145cbbdb7a
515843ebafbfa4d7e040da9ca6bb2fa0afff16ff
fb8d2c141c250824d749e7a0ee2302f5283f7bcf0582b1ac88b9b1fe5d6565c3
GET /chaseclean/login/auth.php?country.x&locale-8731002x=e?_ HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Tue, 04 Oct 2022 18:05:40 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.edsonguilherme.com.br/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.4.0
173.236.198.83200 OK 2.6 kB URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.4.0
IP 173.236.198.83:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash 59eef599605e3117a3e365e1415fdb71
74b2155ed5a802d8f287cfe5764261e9774112df
35da9d68ede2470f2f15bc2de8c227d309665ccf0eda4646ed34aeb5072e67a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.4.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:57:10 GMT
etag: "4591-5dc9e822f3745-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 2573
content-type: text/css
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.5.0
173.236.198.83200 OK 1.9 kB URL HTTP/2 www.edsonguilherme.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.5.0
IP 173.236.198.83:0
File type ASCII text, with very long lines (5839), with no line terminators
Hash 756b72d31c932c18a03ab05e8355697c
b164f650cd3d4085a0f4ea152b813357f29ef5fc
796051d5a623e46e4d832a313c9d2e976348236f7ff58b973747f2bd34f3ba8f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.5.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Wed, 26 Jan 2022 22:35:14 GMT
etag: "16cf-5d683d0b2ec80-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 1868
content-type: text/css
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.4.0
173.236.198.83200 OK 9.1 kB URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.4.0
IP 173.236.198.83:0
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash dd27962e8f0d23c805c56b1d42c70068
2af35dba3b1a807d4b23fbb8be46291ebd8dba88
53ee70830dfd05063f55772eb1556337b61e7fd4d1f59902cc6eca94803e1911
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.4.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:57:10 GMT
etag: "f523-5dc9e822f3745-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 9078
content-type: text/css
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.5.0
173.236.198.83200 OK 2.6 kB URL HTTP/2 www.edsonguilherme.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.5.0
IP 173.236.198.83:0
File type ASCII text, with very long lines (15346), with no line terminators
Hash 69ac6ed1d3f166368985a118cfbfa082
3562009e062f844f8725826d3fb91851527181a7
5c42a617c4a91e72828151396881a1c97d8a8a9f8d9d85ed4d49210c73820ca2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.5.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Wed, 26 Jan 2022 22:35:14 GMT
etag: "3bf2-5d683d0b2ec80-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 2626
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 18:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.edsonguilherme.com.br/wp-content/uploads/elementor/css/post-9.css?ver=1649950377
173.236.198.83200 OK 380 B URL HTTP/2 www.edsonguilherme.com.br/wp-content/uploads/elementor/css/post-9.css?ver=1649950377
IP 173.236.198.83:0
File type ASCII text, with very long lines (1166), with no line terminators
Hash 48b6f6686671a009f8c5e59f8722d3fa
c99905df464f62b603fa6bdb49bc6d3053249d0a
2ecd4799ff539327690b85b836ac83bc918b38f4010d15ee6ccd92b332fdd795
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-9.css?ver=1649950377 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 15:32:57 GMT
etag: "48e-5dc9f021e74d2-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 380
content-type: text/css
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.71.185101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VPtfR07zyI4neSgewHul/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2VBnPW8/fplUyrypo2Ga+XQYEbE=
www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.0
173.236.198.83200 OK 982 B URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.0
IP 173.236.198.83:0
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:57:10 GMT
etag: "72a-5dc9e82303142-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 982
content-type: application/javascript
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.0
173.236.198.83200 OK 794 B URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.0
IP 173.236.198.83:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 50a068dd64a5c9f112e56850b52aaf21
8bc6cf0acbabf47f01cd2e256284bba23eb532fc
0f1570edcf461c1413534c142a5e7fef16d87701ae798c91da0e27b7796c3a26
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:57:10 GMT
etag: "85b-5dc9e822fe323-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 794
content-type: application/javascript
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
173.236.198.83200 OK 4.2 kB URL HTTP/2 www.edsonguilherme.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 173.236.198.83:0
File type ASCII text, with very long lines (11126)
Hash a65d5500f76589b8c41c6d1e8895c456
fc9b5b82c4a5c6973efcbca5f6ca01a5eb252a59
9cb0e5695834af1b05fa4e3699dc7be10857e491c8c511edb63ed7f337083d1d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "2bd8-5b45debe27b80-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 4204
content-type: application/javascript
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.4.0
173.236.198.83200 OK 1.1 kB URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.4.0
IP 173.236.198.83:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 5435bb9f3915573d63a3f077b93a9cca
8ced1bb4a3d2fc494afb76c8bb21096b011f4989
f284ef138368b91d1e3044db010b4d04aad63a60f30a04907e3dc9108b096fb7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.4.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:57:10 GMT
etag: "bdd-5dc9e822fe323-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 1088
content-type: application/javascript
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
173.236.198.83200 OK 1.0 kB URL HTTP/2 www.edsonguilherme.com.br/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP 173.236.198.83:0
File type ASCII text, with very long lines (3113), with no line terminators
Hash a491b2ebcf30fc12bf807b3f1f569c7d
8d37ed2443f2db4271c05858a70c451cf5af543e
cfd1e69a7a80c9c84342eaf8ae3b6d6d199d217ae5110b3231cec9098a9cba21
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Wed, 30 Jun 2021 13:02:12 GMT
etag: "c29-5c5fb54b27d00-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 1010
content-type: application/javascript
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.0
173.236.198.83200 OK 1.0 kB URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.0
IP 173.236.198.83:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 4e34cbd897375ae38364102a460bffb9
717333b42169a087e13d69a4e3ee169ed493ebfe
6fbd7f385cd635ee6652fd28b762c68f698f6e82f28ee38d8eab88c82ac90a38
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:57:10 GMT
etag: "b7a-5dc9e822fe323-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 1042
content-type: application/javascript
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.0
173.236.198.83200 OK 3.5 kB URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.0
IP 173.236.198.83:0
File type ASCII text, with very long lines (9139)
Hash a848ebaad4a1c97fbd3873d467199a6e
e35e68f378d92c36d8a6bad679ffd15bd427e27d
d0d397500171abe2194be9c06ffafdbd1bcbeb9ebcf772bdbc0d142f5488e6d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:57:10 GMT
etag: "253d-5dc9e822ff2c3-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 3519
content-type: application/javascript
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
173.236.198.83200 OK 5.1 kB URL HTTP/2 www.edsonguilherme.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 173.236.198.83:0
File type ASCII text, with very long lines (15660)
Hash 3971154f76bf26e704b4910111d124ba
60dfcafe9593005b92cd0ce40f429b241ae3b287
549584b85b7433e767b71e774e5fcef37c40c19169e3979597b6ab7f8314b3c4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Tue, 24 May 2022 23:41:33 GMT
etag: "48b9-5dfca7f26a488-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 5085
content-type: application/javascript
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.4.0
173.236.198.83200 OK 1.2 kB URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.4.0
IP 173.236.198.83:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash bf170a9d7da2859b13c948ee376381e5
91fd71a77e8c1a2cdbe0141146fd0c552a3d4725
3c4d75ab36c5ace75756b867eb824deee7eaff5778044e982b2324ff09ac6a17
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.4.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:57:10 GMT
etag: "1b83-5dc9e822f46e5-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-length: 1177
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 195d162678034c3ab84daffa4c4a5723
85fab036e8ab318c51b5c05ff33f2388e5716acd
03e8ce6aa80a44c5f2abf860c3bbf25d8e56fc49458a3f8c11fbe2130b71bb6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 18:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.edsonguilherme.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 232441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
173.236.198.83200 OK 32 kB URL HTTP/2 www.edsonguilherme.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 173.236.198.83:0
Hash cbe98ea674a2cb87b27fb2ff2d03fa49
b44b5c5ba19e3a77392bfab9c365dab3f7e51a7e
a28251f89da6bd335d9d6992f5c6097e31a5af57542c5367a539a8adaa0084d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: "15db1-5bd3006388300-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-type: application/javascript
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.edsonguilherme.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 513093
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 18:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.edsonguilherme.com.br/favicon.ico
173.236.198.83200 OK 0 B URL HTTP/2 www.edsonguilherme.com.br/favicon.ico
IP 173.236.198.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Mon, 14 Mar 2022 23:40:38 GMT
etag: "0-5da36352a5b32"
accept-ranges: bytes
content-length: 0
cache-control: max-age=172800
expires: Thu, 06 Oct 2022 18:05:41 GMT
vary: User-Agent
content-type: image/vnd.microsoft.icon
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16272
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 18:05:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16272
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 18:05:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16272
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 18:05:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16272
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 18:05:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16272
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 18:05:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 72588
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ae1e7d3-41cb-4400-8cae-870baa006b86.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ae1e7d3-41cb-4400-8cae-870baa006b86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a137925cb6116c46ce21c6e27933c44
2973e908318c68489bba9b4242254769a4f3d1ba
737bf9c3d2906a937ed0b082c8830982163be90acf8dd01dacc7ec80c5c8bcd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ae1e7d3-41cb-4400-8cae-870baa006b86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7777
x-amzn-requestid: d035ce80-1700-4e69-8b75-e0bf47ca9ddf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCWCFw4oAMFVDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63311759-0412900d669b5381058ec9a2;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:07:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1VY-i7YZI4ACXrrwL9CSNQb0mjLUnhsVCLER7f_fUHxqJkzrP3aSnA==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 06:18:54 GMT
age: 42408
etag: "2973e908318c68489bba9b4242254769a4f3d1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62719b24a32198c6f462a0a0412ac98
d893d8035379e06e53e365b9f47f5da40bff932b
ca863affca1559e92e415a4de2e78e4b4c1ec4cf8e8549693499c6f79bd27975
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10878
x-amzn-requestid: a849d918-ec40-47d4-93cb-e938b010bd50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpJKGAPIAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556d-242a8d2208b6574c34063c1f;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 40cLnZvUr45pWmnT6qZgZu13Y1pyeycMEK-m9ALI1LVo2Wpysjt7Vw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:45:04 GMT
age: 73238
etag: "d893d8035379e06e53e365b9f47f5da40bff932b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 71683
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 70583
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 72536
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.1
173.236.198.83200 OK 0 B URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.1
IP 173.236.198.83:0
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.1 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:57:12 GMT
etag: "33d77-5dc9e82483d3a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-type: text/css
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.4
173.236.198.83200 OK 0 B URL HTTP/2 www.edsonguilherme.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.4
IP 173.236.198.83:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.4 HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 14:30:55 GMT
etag: "1a592-5dc9e244858ad-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 18:05:41 GMT
content-type: text/css
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 18:05:41 GMT
date: Tue, 04 Oct 2022 18:05:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.edsonguilherme.com.br/?wc-ajax=get_refreshed_fragments
173.236.198.83200 OK 0 B URL HTTP/2 www.edsonguilherme.com.br/?wc-ajax=get_refreshed_fragments
IP 173.236.198.83:0
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.edsonguilherme.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.edsonguilherme.com.br
Connection: keep-alive
Referer: https://www.edsonguilherme.com.br/chaseclean/login/auth.php?country.x&locale-8731002x=e?_
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 18:05:41 GMT
server: Apache
access-control-allow-origin: https://www.edsonguilherme.com.br
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
vary: User-Agent
content-type: application/json; charset=UTF-8
X-Firefox-Spdy: h2