Overview

URL: www.primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365
IP: 192.185.223.116 (United States)
ASN: #46606 UNIFIEDLAYER-AS-1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer: (none)
Report completed: 2022-10-15 01:30:22 UTC
IDS alerts: 0
Blocklist alerts: 5
urlquery alerts: No alerts detected
Tags: None

Notes

The scanned URL has the shape login.php?cmd=login_submit&id=<hex>&session=<hex>. The id and session values are identical, and each is the 32-character hex string 696317ac647a2381ea999e2f5cc53365 written twice, which suggests the kit generates one token and reuses it for both parameters. A URL with the same path and query shape (login.php?cmd=...) appears in another recent report on this ASN below (justforwookiees.com/wellz/authq/login.php), so matching on the pattern is more useful than matching on this one URL.

The rest of the host is a WordPress install: the 404 response carries a Link header to /wp-json/, and the page it serves loads wp-includes and twentyseventeen theme assets. A /trade/alaska/alaskausa/ directory on a domain first seen in 2019 with no ranking is consistent with a phishing kit dropped onto a compromised site rather than a purpose-registered domain.

At scan time the page was already gone. www.primegestaoempresarial.com answers 301 to the bare host, which returns 404 (the theme's not-found page, 19068 bytes). All five blocklist hits are Fortinet Web Filter entries for the stock WordPress asset URLs loaded by that 404 page, with the domain categorised as Phishing; OpenPhish, PhishTank, mnemonic and Quad9 have no entry, and Suricata raised no alert. Everything else in the transaction list is Firefox background traffic (OCSP to r3.o.lencr.org, ocsp.digicert.com and ocsp.pki.goog; Mozilla remote settings, the content-signature chain, push, contile and Pocket image fetches) and should not be attributed to the target. The host is on UNIFIEDLAYER-AS-1 shared hosting (the responses carry an X-Endurance-Cache-Level header), so block on the domain or URL path rather than the IP: the earlier reports on this IP are all the same domain, while the recent reports on the ASN are unrelated domains on other IPs.
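The triage a practitioner does on a report like this, as an added example that is not urlquery's code or output: parse the scanned URL's query string, check the kit-URL shape, and filter the transaction list later in this report down to non-browser traffic so the 301-then-404 chain of the target stands out. The BROWSER_NOISE set and the kit-URL heuristic are assumptions derived from this report, not a signature for a named kit; SAMPLE_TRANSACTIONS is constructed from the report's records, and the example.test URL in the usage note is constructed.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Hosts a clean Firefox profile contacts on its own: OCSP responders and
# Mozilla services. They appear in every report made with this browser and
# say nothing about the scanned page. (Assumption: list built from this report.)
BROWSER_NOISE = {
    "r3.o.lencr.org", "ocsp.digicert.com", "ocsp.pki.goog",
    "firefox.settings.services.mozilla.com",
    "content-signature-2.cdn.mozilla.net",
    "push.services.mozilla.com", "contile.services.mozilla.com",
    "img-getpocket.cdn.mozilla.net",
}

# One lowercase 32-hex token, or two of them concatenated (the report's
# id and session values are 64 hex characters each).
HEX_TOKEN = re.compile(r"^(?:[0-9a-f]{32}){1,2}$")

# The URL from the report header, exactly as urlquery prints it (no scheme).
SCAN_URL = ("www.primegestaoempresarial.com/trade/alaska/alaskausa/login.php"
            "?cmd=login_submit"
            "&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365"
            "&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365")


def url_features(url):
    """Pull out the parts of a URL the kit heuristic below looks at."""
    if "://" not in url:          # urlquery prints URLs without a scheme
        url = "http://" + url
    parts = urlsplit(url)
    qs = parse_qs(parts.query)
    ident = qs.get("id", [""])[0]
    session = qs.get("session", [""])[0]
    half = len(ident) // 2
    return {
        "host": parts.hostname or "",
        "path": parts.path,
        "cmd": qs.get("cmd", [""])[0],
        "id": ident,
        "session": session,
        "id_equals_session": bool(ident) and ident == session,
        # a 64-hex id that is the same 32-hex token written twice
        "id_is_doubled": len(ident) == 64 and ident[:half] == ident[half:],
    }


def looks_like_kit_url(url):
    """Heuristic (an assumption, not a named-kit signature): a login.php
    taking cmd=login_submit plus hex id and session tokens, as in this report."""
    f = url_features(url)
    return (f["path"].endswith("/login.php")
            and f["cmd"] == "login_submit"
            and bool(HEX_TOKEN.match(f["id"]))
            and bool(HEX_TOKEN.match(f["session"])))


def target_chain(transactions):
    """Keep only transactions to hosts that are not browser noise, in report
    order, so the scanned page's redirect chain and its sub-resources stand out."""
    return [(t["host"], t["status"], t.get("location"))
            for t in transactions if t["host"] not in BROWSER_NOISE]


# Constructed from the report's transaction list (only the fields used here).
SAMPLE_TRANSACTIONS = [
    {"host": "r3.o.lencr.org", "status": 200},
    {"host": "www.primegestaoempresarial.com", "status": 301,
     "location": "http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php"
                 "?cmd=login_submit"
                 "&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365"
                 "&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365"},
    {"host": "ocsp.pki.goog", "status": 200},
    {"host": "primegestaoempresarial.com", "status": 404},
    {"host": "fonts.googleapis.com", "status": 200},   # loaded by the 404 page, so kept
]

if __name__ == "__main__":
    print(url_features(SCAN_URL))
    print("kit-shaped:", looks_like_kit_url(SCAN_URL))
    for host, status, location in target_chain(SAMPLE_TRANSACTIONS):
        print(status, host, location or "")
```

Run as a script it prints the parsed features, True for the kit check, and the three non-noise transactions (301 from the www host with its Location, 404 from the bare host, then the font stylesheet the 404 page pulled in). The same check returns True for a constructed http://example.test/wellz/authq/login.php?cmd=login_submit&id=<32 hex>&session=<32 hex>, which is the generalisation the pattern is meant to catch, and False for the WordPress asset URLs Fortinet flagged, which are only interesting because of the domain they sit on.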

Domain Summary (12)

Fully Qualified Domain Name (transaction count) Rank First Seen Last Seen IP Comment
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-14 11:44:20 UTC 216.58.211.10
firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-14 19:30:27 UTC 143.204.55.35
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-14 05:36:50 UTC 34.160.144.191
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-14 21:16:53 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-14 04:44:18 UTC 35.167.231.108
www.primegestaoempresarial.com (1) 0 2019-11-20 20:41:20 UTC 2022-10-09 01:31:20 UTC 192.185.223.116 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-14 15:25:34 UTC 34.120.237.76
ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-10-14 04:19:42 UTC 142.250.74.3
r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-14 04:41:04 UTC 23.36.77.32
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-14 04:19:48 UTC 34.117.237.239
primegestaoempresarial.com (10) 0 2019-11-20 20:41:18 UTC 2022-10-13 11:48:13 UTC 192.185.223.116 Unknown ranking
fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-14 23:17:29 UTC 172.217.21.163 Domain (gstatic.com) ranked at: 540

Network Intrusion Detection Systems

Suricata w/ Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-15 2 primegestaoempresarial.com/wp-includes/js/wp-embed.min.js?ver=4.8.20 Phishing
2022-10-15 2 primegestaoempresarial.com/wp-content/themes/twentyseventeen/assets/js/skip (...) Phishing
2022-10-15 2 primegestaoempresarial.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Phishing
2022-10-15 2 primegestaoempresarial.com/wp-content/themes/twentyseventeen/style.css?ver= (...) Phishing
2022-10-15 2 primegestaoempresarial.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.185.223.116
Date UQ / IDS / BL URL IP
2022-10-15 01:30:22 +0000 0 - 0 - 5 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116
2022-10-09 01:31:31 +0000 0 - 0 - 5 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116
2022-10-08 01:33:30 +0000 0 - 0 - 5 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116
2022-10-03 18:36:53 +0000 0 - 0 - 3 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116
2022-10-03 18:36:40 +0000 0 - 0 - 3 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116


Last 5 reports on ASN: UNIFIEDLAYER-AS-1
Date UQ / IDS / BL URL IP
2023-02-01 15:15:16 +0000 0 - 1 - 0 justforwookiees.com/wellz/authq/login.php?cmd (...) 162.144.14.116
2023-02-01 14:56:49 +0000 0 - 3 - 0 abaeandl2.tk/ 142.4.20.37
2023-02-01 14:40:40 +0000 0 - 1 - 0 pcatexam.com/otaa/index.php?e=charts.zip 108.167.161.54
2023-02-01 14:22:32 +0000 0 - 2 - 0 www.geyson.com.br/util/AnyDeskPortable.exe 192.185.177.147
2023-02-01 14:11:00 +0000 0 - 3 - 0 artesanoholisticointuitivo.hispanet.biz/ 162.241.252.167


Last 5 reports on domain: primegestaoempresarial.com
Date UQ / IDS / BL URL IP
2022-10-15 01:30:22 +0000 0 - 0 - 5 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116
2022-10-09 01:31:31 +0000 0 - 0 - 5 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116
2022-10-08 01:33:30 +0000 0 - 0 - 5 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116
2022-10-03 18:36:53 +0000 0 - 0 - 3 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116
2022-10-03 18:36:40 +0000 0 - 0 - 3 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-27 18:03:27 +0000 0 - 0 - 2 xfjportal.com/wp-content/uploads/2022/01/sm22 (...) 172.67.203.142
2022-12-01 09:53:12 +0000 0 - 0 - 11 micropayme.de/http:/micropayme.de/wp-content/ (...) 92.204.55.198
2022-12-01 09:53:09 +0000 0 - 0 - 11 micropayme.de/http:/micropayme.de/wp-content/ (...) 92.204.55.198
2022-10-24 01:03:17 +0000 0 - 0 - 9 rleegreer.com/2018/12/08/hello-world 162.241.252.74
2022-10-09 01:31:31 +0000 0 - 0 - 5 www.primegestaoempresarial.com/trade/alaska/a (...) 192.185.223.116

JavaScript

Executed Scripts (9)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (34)


Request:
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 23.36.77.32:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "1C82A5FD2BC3F16A66BECB5E1924E8C9EDD39386622DC2E5ED296442F4307B2B"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6577
Expires: Sat, 15 Oct 2022 03:19:48 GMT
Date: Sat, 15 Oct 2022 01:30:11 GMT
Connection: keep-alive

Request:
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 143.204.55.35:
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 15 Oct 2022 00:50:00 GMT
Expires: Sat, 15 Oct 2022 01:23:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vIl1gtxFAIngeIjJSMyPPEqdaYRpYzG1YF9iGoquvvDyFkFKGAMDdQ==
Age: 2411

--- Additional Info ---
Magic:  JSON data; ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c9df6b36bf16969ac566c1b798362e4a
Sha1:   e56eff34815153ae019a4bf63eb9746dd9ae2e5b
Sha256: 33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

Request:
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 23.36.77.32:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "6C840089371A0E25D60D0D76D6400348B0CDFB5967876C7B88E2B4A2AAF01A03"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8064
Expires: Sat, 15 Oct 2022 03:44:35 GMT
Date: Sat, 15 Oct 2022 01:30:11 GMT
Connection: keep-alive

Request:
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

Response from 34.160.144.191:
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: 0v8r6ngc/yRVucEjuuBj64onipRTXrwhvsRHYOiRMgZtp3Xw5KeJvIoQwoWyvJcKToYbfV7JqWw=
x-amz-request-id: 81BWYC52Z8EZ39DQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 15 Oct 2022 01:02:23 GMT
age: 1668
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

--- Additional Info ---
Magic:  PEM certificate; ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

Request:
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.117.237.239:
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Sat, 15 Oct 2022 01:30:11 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

--- Additional Info ---
Magic:  JSON data; ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

Request:
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 143.204.55.35:
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 15 Oct 2022 01:07:43 GMT
Expires: Sat, 15 Oct 2022 01:44:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qNIF_-n-6_AsoqT86BHD5RZbAV8W8WUjQWhg2RNeajbodS3nS0brmQ==
Age: 1348

--- Additional Info ---
Magic:  JSON data; ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

Request:
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 93.184.220.29:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4778
Cache-Control: max-age=114977
Date: Sat, 15 Oct 2022 01:30:12 GMT
Etag: "6349189b-1d7"
Expires: Sun, 16 Oct 2022 09:26:29 GMT
Last-Modified: Fri, 14 Oct 2022 08:06:51 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

Request:
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z+mb4YQbaDSPbfp6LGFNWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

Response from 35.167.231.108:
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9VoFuaX3d/eZVSIcxKJrldOT3ug=

Request:
GET /trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365 HTTP/1.1
Host: www.primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

Response from 192.185.223.116:
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Oct 2022 01:30:11 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75

Request:
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 23.36.77.32:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14033
Expires: Sat, 15 Oct 2022 05:24:06 GMT
Date: Sat, 15 Oct 2022 01:30:13 GMT
Connection: keep-alive

Request:
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 23.36.77.32:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14033
Expires: Sat, 15 Oct 2022 05:24:06 GMT
Date: Sat, 15 Oct 2022 01:30:13 GMT
Connection: keep-alive

Request:
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 23.36.77.32:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14033
Expires: Sat, 15 Oct 2022 05:24:06 GMT
Date: Sat, 15 Oct 2022 01:30:13 GMT
Connection: keep-alive

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 13261
x-amzn-requestid: dd760e09-701e-4956-9723-386edc97c694
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fH6FzIoAMFzJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344deff-197cf4f048e146af5654d0bd;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FG87tXqLw2s9wd8SpMNGbYzroLHz4inDaCGnUMOUKhvEqSvqfBwR4A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 06:20:37 GMT
age: 68976
etag: "2010f9656d87e6f5220f131628c537720c3673e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   13261
Md5:    54edb9ab897821172fc13756df376ee7
Sha1:   2010f9656d87e6f5220f131628c537720c3673e1
Sha256: 6694c1be0adf97fa77d1bfa29337d9e609b729a58d42e141e9bb55ed6367b1d8

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0ccfd7-6dc6-469b-bee1-7de141fecb1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6454
x-amzn-requestid: 4774f611-4ee1-40e7-804b-229bfff6c5a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjS3MGmdoAMFqKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfe94-451518b50ab53f2538d0c13f;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2Ra0AP60Ts4OidLByrMWpcUixuPQZGP8QliETUca6vdyqZfO9oxGDQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:51:09 GMT
age: 13144
etag: "9b73cbeff3361c30600bea9f12a862ae2c4f1e01"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   6454
Md5:    902f6b585d65d720ff096817ca1f2233
Sha1:   9b73cbeff3361c30600bea9f12a862ae2c4f1e01
Sha256: 8669095b4abaab1bbe1a9f65eb61e7caf713c36f8a24ed0979f482bb3356b79c

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f9401d-a14e-4329-9b79-ed52e44260bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9674
x-amzn-requestid: 87efc832-3e8a-4564-a511-cd85c8e9d28b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z1CmlG4eIAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634517c3-345231cf0f27df3324eebc3f;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 07:14:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DseUDkSIIH43zSsVhK-okfDZin5jAG879zx7YHXsblwXbt8lRTAduA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 17:49:30 GMT
age: 27643
etag: "c3280a2522d28ec5e59714243081d7e8b58d5b7f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   9674
Md5:    6bdad7a647699e05b8d55c8b6dbbef17
Sha1:   c3280a2522d28ec5e59714243081d7e8b58d5b7f
Sha256: 2600ca42a01785b728a6094c67067fb7a8d596458afa58b4ef992a411c0a0e56

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 3894
x-amzn-requestid: f46ef5cf-34c4-4024-a1cb-7a46985a0225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aA5pWEHeoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6349d63b-26b43ef606fd070f153225a3;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CpzNn6qKh_Sdq5Ff8t6jCRxBy8RSwHH3Gc6rq-eZsXV0Jgtz21Om3A==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:49:18 GMT
etag: "46c2110541fe6eec046efea92940d17b69e410dc"
age: 13255
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   3894
Md5:    644dadbc61528fb78d6a4d37809a4da1
Sha1:   46c2110541fe6eec046efea92940d17b69e410dc
Sha256: 6cdb2203d1ddb0e17728a5cede16bb7cf058172b0c61ca6e5082a514a447bf88

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a3b2ace-090c-4763-8c3d-485b06c6db7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4205
x-amzn-requestid: c94a4ce7-f219-4473-93f6-fdb6c506dbe0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLGItoAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-6cbcef6d3dd353dd21bb6080;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AKdqp_10qE7MirjRVuAi6u6TcSInX5My8o0acVl7bI4mWuHGLQaKDQ==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 03:55:44 GMT
age: 77669
etag: "a63ad4f69b8f59f00cf06e06096488bc10af9d74"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   4205
Md5:    e1c7702a6206faeb2ca8f81c15ad37ff
Sha1:   a63ad4f69b8f59f00cf06e06096488bc10af9d74
Sha256: 392e67ad7cc5ee65f30cab488861ccd06770cd1230814095185f81e895d5000e

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03997513-5277-4522-89f8-818ae1af1ed4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10564
x-amzn-requestid: b55c8d77-e8bb-4bbe-a672-332d3ba4a9eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkGy5FrMoAMFgQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e51ab-1fd3e756011e6f3d6ef3d249;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:55:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OWGlwjRs06nNHvIOk9sO4I6MZCrM1vIoYNyeeNXz7DjD4Q34w24BsA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:42:29 GMT
age: 13664
etag: "b1b31f7c2380fda954c3c7f622c0f6ab59e263a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   10564
Md5:    9605311cdd6ecc7e959369acac85f0c1
Sha1:   b1b31f7c2380fda954c3c7f622c0f6ab59e263a6
Sha256: a296e70d90138f45fd69cd1c1333c1dba11a290f0d0d4058c59e1ebc47848270

Request:
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 142.250.74.3:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 01:30:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                            GET /trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365 HTTP/1.1 
Host: primegestaoempresarial.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

192.185.223.116
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Oct 2022 01:30:13 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://primegestaoempresarial.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Size:   19068
Md5:    7da5a9cea34ff13f3562f36dd2bda8b1
Sha1:   f7c312237b5b49af7f8f2b22a49151406bf3d1d8
Sha256: 8018fe3a3ce2714ad70397e2bb0f9b437c683837830d182046a6d5d349bdb23b

GET /css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://primegestaoempresarial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 15 Oct 2022 01:30:14 GMT
date: Sat, 15 Oct 2022 01:30:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1036
Md5:    3c491e74e4dade0be281e271dd5903bd
Sha1:   72092b401df6140b434a46778231a53f7eb23ad9
Sha256: b5317f14d90078ae432bb13ad300e1f6483cd64c5d1f594c9009cc2869170847

GET /wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365

192.185.223.116
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sat, 15 Oct 2022 01:30:15 GMT
Server: Apache
Last-Modified: Thu, 20 Oct 2016 04:12:31 GMT
Accept-Ranges: none
Cache-Control: max-age=21600
Expires: Sat, 15 Oct 2022 07:30:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2561
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   2561
Md5:    c72bd7cbb8d52d44bb333aca0a211054
Sha1:   5fa05e318b86ef9c7de4c78deb7a5830fa982787
Sha256: e2f549399f1811dab5d32af4fd433d8a298e530a94bba4c4d85157ca0e443785

GET /wp-includes/js/wp-embed.min.js?ver=4.8.20 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365

192.185.223.116
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sat, 15 Oct 2022 01:30:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 05 Feb 2021 04:10:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Sat, 15 Oct 2022 07:30:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 748
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  ASCII text, with very long lines (1386), with no line terminators
Size:   748
Md5:    3d6a96ac061c191da5303f6bc1155c1c
Sha1:   d6cc1367e067e17b1ddd39232d470f52eeb473be
Sha256: 45d28c4dff03f277762685eba6370a8411510c969a222f076e3cd7a6b2651470

Alerts:
  Blocklists:
    - fortinet: Phishing

GET /wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365

192.185.223.116
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sat, 15 Oct 2022 01:30:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 14 Nov 2016 11:41:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Sat, 15 Oct 2022 07:30:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 416
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  ASCII text
Size:   416
Md5:    e6f53264ebf762f651ef3c426aba7d7a
Sha1:   c94c31f4cdc7976febd8b722771d433fcd460d87
Sha256: e5dab0bbdb24e72cded213dba7acb5e41a11e2a317279a046e402d1146512404

Alerts:
  Blocklists:
    - fortinet: Phishing

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365

192.185.223.116
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sat, 15 Oct 2022 01:30:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Sat, 15 Oct 2022 07:30:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4444
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   4444
Md5:    1e40dfe689f1e989e1a3de2e3c6e26bf
Sha1:   4196eddc5203fd18f63e90065d777f757088ca2f
Sha256: b40b1ef07db6e093ad2df064e8cb582906eb2448e1caacc2f5b721cd5d0e3cb4

Alerts:
  Blocklists:
    - fortinet: Phishing

GET /wp-content/themes/twentyseventeen/style.css?ver=4.8.20 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365

192.185.223.116
HTTP/1.1 200 OK
Content-Type: text/css
Date: Sat, 15 Oct 2022 01:30:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 08 Jun 2017 04:43:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 14 Nov 2022 01:30:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (463)
Size:   23368
Md5:    2908788e8d971a33dc2640301b09f091
Sha1:   9005737ea81bdc49a23b69247c8f52bbd748be08
Sha256: 7ddd8efb188b299b3a79b71f36f93d5541ceac86d639e7de64b83b4d0dbc0797

Alerts:
  Blocklists:
    - fortinet: Phishing

GET /wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365

192.185.223.116
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sat, 15 Oct 2022 01:30:15 GMT
Server: Apache
Last-Modified: Fri, 02 Dec 2016 05:12:41 GMT
Accept-Ranges: none
Cache-Control: max-age=21600
Expires: Sat, 15 Oct 2022 07:30:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3006
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   3006
Md5:    64a6038b32ae09a417d704c22724b248
Sha1:   8d36f62db40c86aa0a36fe107abc7bf8e99c36ed
Sha256: a67ecfa247e6bb3968824eaac271107b4290a418c28b464f77727b8621933139

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365

192.185.223.116
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sat, 15 Oct 2022 01:30:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 04 Sep 2019 21:45:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Sat, 15 Oct 2022 07:30:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   42766
Md5:    58d326e4cc09f905eb0020706c6b2b95
Sha1:   c19bd9030a7117699a3dd57dc1b69a3889409f61
Sha256: 63cd2e517cb5c7de07842d11640edb2d11359c76f7227160bc339347e39c1001

Alerts:
  Blocklists:
    - fortinet: Phishing

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 01:30:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 01:30:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET /s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://primegestaoempresarial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

172.217.21.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27268
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 20:02:26 GMT
expires: Tue, 10 Oct 2023 20:02:26 GMT
cache-control: public, max-age=31536000
age: 365269
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 27268, version 1.0\012- data
Size:   27268
Md5:    cd83836443d658985c464d7021aa3e83
Sha1:   83a2915021f30c4ed54752b02e0c999e3c56798c
Sha256: 0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 01:30:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET /favicon.ico HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365

192.185.223.116
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Date: Sat, 15 Oct 2022 01:30:15 GMT
Server: Apache
Cache-Control: max-age=21600
Expires: Sat, 15 Oct 2022 07:30:15 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive

GET /wp-content/themes/twentyseventeen/assets/images/header.jpg HTTP/1.1
Host: primegestaoempresarial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://primegestaoempresarial.com/trade/alaska/alaskausa/login.php?cmd=login_submit&id=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365&session=696317ac647a2381ea999e2f5cc53365696317ac647a2381ea999e2f5cc53365

192.185.223.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sat, 15 Oct 2022 01:30:15 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2016 17:13:30 GMT
Accept-Ranges: bytes
Content-Length: 114854
Cache-Control: max-age=31536000
Expires: Sun, 15 Oct 2023 01:30:15 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 2000x1200, components 3\012- data
Size:   114854
Md5:    8030438c0c9b454bad3e94357cc28b51
Sha1:   c185138e7304e999ad9c49bbd3818b686077bac3
Sha256: 4503af815b99a57b1d22ddd6a5dc893bef6af00baab04ff2b5bce2288e97320e