Report - www.liderfinanceira.com/

Report Overview

Submitted URL
www.liderfinanceira.com/
IP
108.167.168.47
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-12-26 08:38:00
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
112

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	154 kB	172.64.132.15
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.8 kB	93.184.220.29
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	25 kB	69.16.175.10
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	7.0 kB	216.58.211.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.35.143.109
www.liderfinanceira.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.8 kB	1.6 MB	108.167.168.47
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	7.5 kB	104.17.25.14
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	23 kB	104.18.11.207
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	4.9 kB	142.250.74.74
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	69 kB	142.250.74.35
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	731 B	2.6 kB	216.58.211.4
maps.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	70 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
liderfinanceira.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	240 B	108.167.168.47
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-26	medium	www.liderfinanceira.com/	Malware
2022-12-26	medium	www.liderfinanceira.com/js/maskMoney.js	Malware
2022-12-26	medium	www.liderfinanceira.com/js/scroll.js	Malware
2022-12-26	medium	www.liderfinanceira.com/js/bootstrap.min.js	Malware
2022-12-26	medium	www.liderfinanceira.com/img/Bancos/banco-ole_7969685a2.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/Bancos/daycoval-bank.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/Bancos/Logo_C6_Bank.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/icons/lupa.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/icons/novo.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/icons/niver.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/icons/card.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/mg2.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/fundo2.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/passo3.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/icons/seta2.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/pessoas/image.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/Bancos/banco-pan-logo-1-1.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/Bancos/banco-bmg-logo-4.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/Bancos/1011px-Banco_Ita195186_logo.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/icons/pc.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/icons/Whats.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/Bancos/banco-safra-logo2.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/icons/libe.webp	Malware
2022-12-26	medium	www.liderfinanceira.com/img/blue.ico	Malware
2022-12-26	medium	liderfinanceira.com/js/jquery.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed
2022-12-26	medium	liderfinanceira.com	Sinkholed

JavaScript (26)

	URL	Size	First Seen	Last Seen
	maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/map.js	73 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/map.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:58:04 Last Seen2023-03-12 10:00:31 Times Seen1 Hash 6f3f29501df62b70397ee593597ea897 bc569d5cf6d94a5825410fc148eb8aa85a2a5b40 2f2875455dc8b4954ec48fcbd17c42caa6f727cc909075514bffcfaf0d6fe91d Loading...

	code.jquery.com/jquery-3.3.1.slim.min.js	70 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-3.3.1.slim.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-25 19:58:45 Times Seen8374 Hash 99b0a83cf1b0b1e2cb16041520e87641 bc5836992c0b260496ba520fe1336d499bf06eb7 dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1 Loading...

	www.liderfinanceira.com/	26 B	2023-03-12	2023-03-12
Pretty URL www.liderfinanceira.com/ IP 108.167.168.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash 41e100beed991d3b481b4c0f2c6db3ac a17cd4999edc0f19b559e6ff153fa228d63e502f dc5967fd4fa8e60956ef7e098f6d986b469b7b88282e79a1519a2a2c37d013be Loading...

	www.liderfinanceira.com/js/scroll.js	1.4 kB	2023-03-12	2023-03-12
Pretty URL www.liderfinanceira.com/js/scroll.js IP 108.167.168.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash c86589c4cda30ee5da2d2cd2c0e579bb 669d6013dde6051042bb33a498e7aec67a670832 f853ed0097a1325e1aa6996ea5b7828910ddbf48fcb0bfded1a36d94dca48eb9 Loading...

	www.liderfinanceira.com/	448 B	2023-03-12	2023-03-12
Pretty URL www.liderfinanceira.com/ IP 108.167.168.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash ffc47918d32e1b897fd73240a01ac974 20da3e4f2cb8544f63d901b9b7ac958d0fc0e968 c8795334c772d5a8a014048702ded43fde42c8a362ea33578b92f09c12c3908f Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=pt_BR&region=br&callback=onApiLoad	174 kB	2023-03-12	2023-03-12
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=pt_BR&region=br&callback=onApiLoad IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash 9cbf75afe89482865b4549260a5a93c5 d52a90d29ae7032937d8a44aa7e73fe6a0013c4d be2075641b9cd054249eb38f5fbb79a9a40c6ecf1fe7d53e208b52b19da180b0 Loading...

	maps.gstatic.com/maps-api-v3/embed/js/51/3/intl/pt_br/init_embed.js	228 kB	2023-03-08	2023-03-12
Pretty URL maps.gstatic.com/maps-api-v3/embed/js/51/3/intl/pt_br/init_embed.js IP 142.250.74.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:58:04 Last Seen2023-03-12 08:14:49 Times Seen1 Hash bde34cda286b994362d4252de15b67b6 56b7722558d9837a008b60cbb1c8b93be972ab17 0da8302a91243817c748c1eb23255de52f4ad0c4ff8d759110d8c94a139cfab4 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7s4jqxkk&10e1&11b0&callback=_xdc_._ebv0o6&client=google-maps-embed&token=103179	62 B	2023-03-12	2023-03-12
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7s4jqxkk&10e1&11b0&callback=_xdc_._ebv0o6&client=google-maps-embed&token=103179 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash ab76facf6fa96c4d011c44852bddaa98 2195d68ecbaca208c7b66fc13e13de1a19e29289 d2ea4e68155132442caba1527a6aae82a5a408714f4219028c698f13b24f3932 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/controls.js	90 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/controls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:58:04 Last Seen2023-03-12 10:00:32 Times Seen1 Hash ead33debd23a828e017d00570232c114 3bb3a7c52f8f25775fdce56ef74eb3c3a67970bf 39e34067e3eb3e665bb6ef51b96a9f1e5faadf96e0328848be506c490d1bbcf5 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js	20 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:07 Last Seen2024-04-25 21:32:11 Times Seen4502 Hash 83fb8c4d9199dce0224da0206423106f d8503645c17f9856868a7def3dc0505e19a95ec7 f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e Loading...

	www.liderfinanceira.com/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-26
Pretty URL www.liderfinanceira.com/js/bootstrap.min.js IP 108.167.168.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 05:10:35 Times Seen244527 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	www.liderfinanceira.com/	27 B	2023-03-12	2023-03-12
Pretty URL www.liderfinanceira.com/ IP 108.167.168.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash 9a04fb93ab7031195110f43e92ad5353 07a8a14c54fe4cb4a3e255061aef519b4d86846b 6c7762b78922956b7f7edabda6dfa13911a8bfd6beed177990cf4cc77491ab40 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/util.js	170 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:58:04 Last Seen2023-03-12 10:00:31 Times Seen1 Hash 42e50d63fc818ed335c5e857b9db812e ad813a496ceebec8d110b95f76ac997e84d9a93f ad3fd35fa189625fc8cbd12145655ce19bdc8ee31ab51a999e366048b03bdb2f Loading...

	www.liderfinanceira.com/js/maskMoney.js	24 kB	2023-03-12	2023-03-12
Pretty URL www.liderfinanceira.com/js/maskMoney.js IP 108.167.168.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash fb44914678efa178765d49a12bdc8ae5 729cb269fd29c36681ca0a777515541b928d76dc 09e339d61cdff531be7cb2970d63b8a077d6fa0fb135275d36a4570d37da1838 Loading...

	liderfinanceira.com/js/jquery.js	93 kB	2023-03-07	2024-04-22
Pretty URL liderfinanceira.com/js/jquery.js IP 108.167.168.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:50 Last Seen2024-04-22 11:43:55 Times Seen307 Hash 52e798fa363010f95feed65def07037b 9cbc3e88ab78003783e7d440c6fb39445a4126be fa411409e767595b83bf12f7204d69a856031ec9466998358316f6cbbfedd8a6 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/common.js	255 kB	2023-03-09	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 04:15:08 Last Seen2023-03-12 10:00:32 Times Seen1 Hash c88cfd6b6c2057b7831e44e671258787 e0316c1008c123b73bcfa6b7e1d65fb122fa547b 90bb6f19c3b236442d1848c2adbf6d8f2f9542c7dd83802b8b13189dfe92befc Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/overlay.js	3.6 kB	2023-03-08	2023-05-10
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/overlay.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:33:33 Last Seen2023-05-10 18:50:16 Times Seen3 Hash db2df41ff80c5e2c21acf69ddf06e6b9 b6c39a110273d95f504e099836190e569d633f92 42239a2e17a4bbefec11a2f43ea76816ff85afda6ba871c84c6c3715854ee3c0 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/onion.js	27 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/onion.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:58:04 Last Seen2023-03-12 10:00:32 Times Seen1 Hash 4576c457afc24d08b4b60fe8239286df df3074a8dcf5e7e88d6dcc2e6c99eb9ab96b51fe d08c00f091769f6b381bdd12011e3fff831d108d719e391907b0f934bef5bc03 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/search_impl.js	2.8 kB	2023-03-08	2023-05-10
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/intl/pt_br/search_impl.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:33:33 Last Seen2023-05-10 18:50:16 Times Seen3 Hash 72d7c403aa84dee21ce95d0f931dfd0c ccb1a62412371ec0a808125ad3203fa9bec0b659 d1fafd2db4a636e5bda590f6de43c9e92b0640024d367bb016eb0497875c27ce Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-23.480899356918275&2d-46.56616932696027&2m2&1d-23.450390623104433&2d-46.484484652555466&2u16&4spt-BR&5e0&6sm%40629000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._ds3647&client=google-maps-embed&token=87952	44 kB	2023-03-12	2023-03-12
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-23.480899356918275&2d-46.56616932696027&2m2&1d-23.450390623104433&2d-46.484484652555466&2u16&4spt-BR&5e0&6sm%40629000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._ds3647&client=google-maps-embed&token=87952 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash ce8a55d35ffcee4a3b385d415d26a2f8 9b5094efea3b4afcf0a906eb53058ce082123df4 76bade29b446b6730e5a4448a946839bee458ce4c08ad516ed7cd75e2640d80c Loading...

	maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=113577	62 B	2023-03-08	2023-08-17
Pretty URL maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=113577 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:25:00 Last Seen2023-08-17 14:45:14 Times Seen1761 Hash ac206f9aca43cbd08f77ebff219bad68 a8f70e30f06a72933f89c350b8fcc8e77280ff5d 5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e Loading...

	www.liderfinanceira.com/	35 B	2023-03-12	2023-03-12
Pretty URL www.liderfinanceira.com/ IP 108.167.168.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash 03938661f2f97785cbd3395dfbdef8b9 7d3b35fd1552a9b8aaaff5c0cf65337caee2f1df 49ec827a6df2c6c43b7bfed9948a84558729e113d94a64cde95bcf852289280d Loading...

	www.liderfinanceira.com/	275 B	2023-03-12	2023-03-12
Pretty URL www.liderfinanceira.com/ IP 108.167.168.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash 2ef9a4fb2ac2c5e55379b935fd993ca8 7700ddc56146a659465f24102f02e4f9cb38b8aa ad91459f6105351f5ef9ade792f5e2a2de21a3f2875c9bbe57ca084c384943c4 Loading...

	www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3659.8476765240866!2d-46.52754768554572!3d-23.46595836395997!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x94cef5cc1929c9e5%3A0xba7d41b766fe8349!2sL%C3%ADder%20financeira!5e0!3m2!1spt-BR!2sbr!4v1636053655401!5m2!1spt-BR!2sbr	3.9 kB	2023-03-12	2023-03-12
Pretty URL www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3659.8476765240866!2d-46.52754768554572!3d-23.46595836395997!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x94cef5cc1929c9e5%3A0xba7d41b766fe8349!2sL%C3%ADder%20financeira!5e0!3m2!1spt-BR!2sbr!4v1636053655401!5m2!1spt-BR!2sbr IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash a907a4b076c7a5194b743503256a0a0a 86d0e9bce5f17bd3926be7221b358b1c565c0615 05d56b87e5e0b5946a8975e101c77087a33b3b2d981970e81363e98da5e5ca40 Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-23.48462337951632&2d-46.54560444980166&2m2&1d-23.447524759216435&2d-46.504915640440494&2u12&4spt-BR&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._v3axpb&client=google-maps-embed&token=23309	8.4 kB	2023-03-12	2023-03-12
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-23.48462337951632&2d-46.54560444980166&2m2&1d-23.447524759216435&2d-46.504915640440494&2u12&4spt-BR&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._v3axpb&client=google-maps-embed&token=23309 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash c860e45f90a38ea96ebfbfe6985feade f51a7ca4b15008bd57c68b833507658a69851c65 7c24a304cae5b92c0d749286ae1c0df29093746d99b40f83c292d19fa152041e Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7s4jqz0i&10e1&11b0&callback=_xdc_._sla9gq&client=google-maps-embed&token=68051	62 B	2023-03-12	2023-03-12
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7s4jqz0i&10e1&11b0&callback=_xdc_._sla9gq&client=google-maps-embed&token=68051 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:14:49 Last Seen2023-03-12 08:14:49 Times Seen1 Hash 45fe6ab5a2d0eb26534c2ef1511ec47b e5b420023fc76acd1c730402ed28223892c0417a 91c3891a53416c61c808fde7c71234efeac57b37a49a34fbe2fe4dd375ac74d4 Loading...

HTTP Transactions (84)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
96defe1601ba891731eee83f0830649d
ba500679fd337488c3f60543561740ff0dfc1898
d2a320a9feb1a874af3da921db2a8619513968724ef8eb0715c010291c4cf8d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2A320A9FEB1A874AF3DA921DB2A8619513968724EF8EB0715C010291C4CF8D9"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3708
Expires: Mon, 26 Dec 2022 09:39:37 GMT
Date: Mon, 26 Dec 2022 08:37:49 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9cce060ddc316540d079e6816a1e7412
709a74969d1996d2b35ef0f7f34ae18455169f1e
6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3814
Expires: Mon, 26 Dec 2022 09:41:23 GMT
Date: Mon, 26 Dec 2022 08:37:49 GMT
Connection: keep-alive

www.liderfinanceira.com/

108.167.168.47

200 OK

8.5 kB

URL HTTP/1.1
www.liderfinanceira.com/
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (410)
Size
8.5 kB (8503 bytes)
Hash
b795ed1f9ae96b6cde64f4b374443396
4ffa4744d09c26d30c1917bb4aab489253b78bc1
3d60e004c2b6d1c3b9cbec04191969c4243f6e2037d38f2cb071dd90d8ba7654

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 11 Oct 2022 15:35:21 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8503
Keep-Alive: timeout=5, max=75
Content-Type: text/html

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 26 Dec 2022 07:46:29 GMT
content-type: application/json
age: 3080
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c298d0b2a05562a7ece94adf3589dacd
266befe104baa47e94fe0b9d00d10f96518b6525
a00a7433c6ee020d40e43fb5c821b8f2b835107852be361317fd2dfdcc4f0a15

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A00A7433C6EE020D40E43FB5C821B8F2B835107852BE361317FD2DFDCC4F0A15"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3455
Expires: Mon, 26 Dec 2022 09:35:24 GMT
Date: Mon, 26 Dec 2022 08:37:49 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: E4TyO2acqtHIHhJ99uPd7v6M2yo3Qc27A2S81syXKME9aJ4S/YRvqioDjA4P2qhpRTdqDt8zN1k=
x-amz-request-id: RRKP0AGS1ZA44TPV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Dec 2022 07:57:21 GMT
age: 2428
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 08:37:49 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
cf9b0a4fb7b85787890cff93a4b081ed
a29efcd9805a1ff4fa12bc0459f96c28cd88e9b7
9d5d6e11f6cfcfe234b04f173625dcf13bee2514fcf6e32be6b3c79d1a453aa0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3253
Cache-Control: max-age=170269
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:49 GMT
Etag: "63a946c5-117"
Expires: Wed, 28 Dec 2022 07:55:38 GMT
Last-Modified: Mon, 26 Dec 2022 07:01:25 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
68c4bcc8cffb2724729d50fc0f6e34ad
18c582032191ff03c2c6266341138b84853b3090
895c9bd5cf3d01f6e4870ec4f41b538b3f2568827ad37c626774a0aa8e5b5fd7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5169
Cache-Control: max-age=134003
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:49 GMT
Etag: "63a8b19f-117"
Expires: Tue, 27 Dec 2022 21:51:12 GMT
Last-Modified: Sun, 25 Dec 2022 20:25:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
244625692c693282c5ccf7a20e38a8ce
80572a9b2940cca7b170deb1b1512a338a212ca5
ae455f885ab9db294e2b4e7eb8d050f2f1a1ea61d288cce292613360b6ab6a9a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1775
Cache-Control: max-age=100718
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:49 GMT
Etag: "63a83cdc-117"
Expires: Tue, 27 Dec 2022 12:36:27 GMT
Last-Modified: Sun, 25 Dec 2022 12:06:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

104.17.25.14

200 OK

6.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20164)
Size
6.5 kB (6451 bytes)
Hash
ae393ccddfcfe335c9b29ee90aaf72cb
6a42536ed79b4ea9e3a71c69db3b5f7205dc7e81
75cbee82410be7ca2b5b5406219b0575725c415510df701ddf1e9e7fdec22aa8

HTTP Headers

GET /ajax/libs/popper.js/1.14.3/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Dec 2022 08:37:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 6451
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4f71"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6433195
expires: Sat, 16 Dec 2023 08:37:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChCZDTrDzv9LRjMl%2FQ3PieOWWoU%2FeUp10g6kHOv7lFbsQdy9NgxkEha8vgqQcgv4W0LB%2B0xf%2B2iVebhgvdLORK8R0xy%2FwA6wwr4%2FNPXUBGpjXUOuTTvgPoKrcb2kBKLZor%2BHAlnw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77f87f297b8db4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.slim.min.js

69.16.175.10

200 OK

24 kB

URL HTTP/2
code.jquery.com/jquery-3.3.1.slim.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65247)
Size
24 kB (24038 bytes)
Hash
0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0

HTTP Headers

GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Dec 2022 08:37:49 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CO3WpZ0GEocBCiQ2N2I1OTQ5ZS00YjZjLTRiOTUtOTM3ZC00ODQ5OGJkNjgwMmYQ+OiCoKvU+wIaBgjduqWdBiIMOTEuOTAuNDIuMTU0KKrYATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkNDkzYTNmNWYtOGJlNS00MzE1LTg4NDktM2Q5NGYzYjFiNzYwGOa7ASIYCAISFGNkczIzMC5zazEuaHdjZG4ubmV0.psk1aTmmX8ecv6be2ySB0L/dlUJb5fCShL9y3AOD0Bs=
x-hw: 1672043869.dop016.sk1.t,1672043869.cds258.sk1.hn,1672043869.cds230.sk1.c
X-Firefox-Spdy: h2

www.liderfinanceira.com/css/style.css

108.167.168.47

200 OK

5.9 kB

URL HTTP/1.1
www.liderfinanceira.com/css/style.css
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
assembler source, Unicode text, UTF-8 text
Size
5.9 kB (5897 bytes)
Hash
cb0be683c280ac4da0b0064d7e1dc1c8
1e3504ab707b732c512db55500130e2bc230fb68
2ccd47f6d306afe481c4c45205bfdd901ca104aaa9c46f34efb40d61e1127169

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 11 Oct 2022 15:07:30 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5897
Keep-Alive: timeout=5, max=75
Content-Type: text/css

www.liderfinanceira.com/css/media.css

108.167.168.47

200 OK

1.5 kB

URL HTTP/1.1
www.liderfinanceira.com/css/media.css
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.5 kB (1461 bytes)
Hash
2d22839e6e8505a5df41917cd724a824
3d57ec221512a2ce648fc6e6d0c66b3bbeb0c2f1
a15e2f10fcc5f9a4b3b8278b70d76564759581056a5aff92fdf07bd6de1e3250

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/media.css HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:49 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:30 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1461
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
68c4bcc8cffb2724729d50fc0f6e34ad
18c582032191ff03c2c6266341138b84853b3090
895c9bd5cf3d01f6e4870ec4f41b538b3f2568827ad37c626774a0aa8e5b5fd7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5169
Cache-Control: max-age=134003
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:49 GMT
Etag: "63a8b19f-117"
Expires: Tue, 27 Dec 2022 21:51:12 GMT
Last-Modified: Sun, 25 Dec 2022 20:25:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

104.18.11.207

200 OK

22 kB

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65324)
Size
22 kB (22454 bytes)
Hash
ff67f967daf5f3ff062f80fc0316f0ca
32baeb8df28f951bafd3f2e571a8f793e60c1f86
29866d2dfad8c89230796208492c853129366187e5db58726cb73c40188a2152

HTTP Headers

GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Dec 2022 08:37:49 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/21/2022 20:38:40
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d9c1553c34d9428cf806e0b17f403338
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77f87f297ea5b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
508c2c991a10f5f048c213f732698d4c
5a43bb96597ada2c1a16fb35c6cd74529bb306c4
bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
508c2c991a10f5f048c213f732698d4c
5a43bb96597ada2c1a16fb35c6cd74529bb306c4
bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
508c2c991a10f5f048c213f732698d4c
5a43bb96597ada2c1a16fb35c6cd74529bb306c4
bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
508c2c991a10f5f048c213f732698d4c
5a43bb96597ada2c1a16fb35c6cd74529bb306c4
bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.liderfinanceira.com/js/maskMoney.js

108.167.168.47

200 OK

6.4 kB

URL HTTP/1.1
www.liderfinanceira.com/js/maskMoney.js
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
6.4 kB (6437 bytes)
Hash
bfaf7b74706c0ff928041264dfe0999d
f447a301da4e8b09ee2a1ee78c745203b400e310
af5ec47c52c3e497fbef63784543b6e995e30b07a3677a7a4caeba059f56c7d7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/maskMoney.js HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 11 Oct 2022 15:08:28 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6437
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript

www.liderfinanceira.com/js/scroll.js

108.167.168.47

200 OK

580 B

URL HTTP/1.1
www.liderfinanceira.com/js/scroll.js
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text
Size
580 B (580 bytes)
Hash
4f15d3e67478907190dbc1044c316657
f0bdd42a20334ff78d61ceee7ae620df90d28e24
d3660618777e13494b3f5ebe38b3b661a07dfd5b26be5b3ce089daad8d2570fb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/scroll.js HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:49 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:28 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 580
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript

fonts.googleapis.com/css2?family=Sen:wght@400;700;800&display=swap

142.250.74.74

200 OK

867 B

URL HTTP/2
fonts.googleapis.com/css2?family=Sen:wght@400;700;800&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
867 B (867 bytes)
Hash
3023651f3ffbbfd41f90c6dbd2e7c25b
bf51dde66748682d986849147aa559ec8494c5d2
07cb76b4f653d02de5c3f4e5002fd7778abf883a2fd7ecaec07222646f6d57b2

HTTP Headers

GET /css2?family=Sen:wght@400;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Dec 2022 08:37:49 GMT
date: Mon, 26 Dec 2022 08:37:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.liderfinanceira.com/js/bootstrap.min.js

108.167.168.47

200 OK

21 kB

URL HTTP/1.1
www.liderfinanceira.com/js/bootstrap.min.js
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (50758)
Size
21 kB (20882 bytes)
Hash
8eef780162d3744d08f300e970637a44
ba2abbc4b995d1d5c18e9e7d32e87dce31324331
6f33c4c0ce89765d40d5a0d1a447ec9bc08b6710e03b5df7f37c0f2d44cf120d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 11 Oct 2022 15:08:26 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c64bb12a48ac9002ddf9c49a08c746a
0498da3b2a625a3e9b5b57a51835d44a23cd3d6f
53b22685ebcce85af239c04ef1a4a464c6fd71151b0d5e1ce3a59fe82e8c970a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53B22685EBCCE85AF239C04EF1A4A464C6FD71151B0D5E1CE3A59FE82E8C970A"
Last-Modified: Sat, 24 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Mon, 26 Dec 2022 14:36:54 GMT
Date: Mon, 26 Dec 2022 08:37:49 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 26 Dec 2022 08:33:30 GMT
age: 259
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
244625692c693282c5ccf7a20e38a8ce
80572a9b2940cca7b170deb1b1512a338a212ca5
ae455f885ab9db294e2b4e7eb8d050f2f1a1ea61d288cce292613360b6ab6a9a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1800
Cache-Control: max-age=100742
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:50 GMT
Etag: "63a83cdc-117"
Expires: Tue, 27 Dec 2022 12:36:52 GMT
Last-Modified: Sun, 25 Dec 2022 12:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bdc6ddd27a64c85bd15f78b39a79874c
965b8f1b763483b4b4dfe35526d27393d1fdf05c
d2f4dee4d920109e0751634731bea278c9ea9e6c0120ac07969eba74ddbfe615

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4474
Cache-Control: max-age=92612
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:50 GMT
Etag: "63a812a8-1d7"
Expires: Tue, 27 Dec 2022 10:21:22 GMT
Last-Modified: Sun, 25 Dec 2022 09:06:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9fe005199dbfabe75a3a76101f6350ac
c0f4b84d6a715f64d3d5df00ead1e9e34dfb5ddf
42bfa8181326696656bc80d1ed096eab92cc91ee4ea8ff18bbdf4a09b9180961

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.liderfinanceira.com/img/Bancos/banco-ole_7969685a2.webp

108.167.168.47

200 OK

6.5 kB

URL HTTP/1.1
www.liderfinanceira.com/img/Bancos/banco-ole_7969685a2.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
6.5 kB (6512 bytes)
Hash
bd7f29e60ccdc03d0b7961915e325317
c17e4aed44f67bbac8415e9bbf7190f0af2a0a81
331472e25362f6c0b3c38158ba6e0572c1bff535581092b00deac04e173d25c3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/Bancos/banco-ole_7969685a2.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 11 Oct 2022 15:07:51 GMT
Accept-Ranges: bytes
Content-Length: 6512
Keep-Alive: timeout=5, max=75
Content-Type: image/webp

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.35

200 OK

8.0 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:11 GMT
expires: Sat, 23 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
age: 241479
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:11 GMT
expires: Sat, 23 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
age: 241479
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.3.1/css/all.css

172.64.132.15

200 OK

18 kB

URL HTTP/2
use.fontawesome.com/releases/v5.3.1/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (48464)
Size
18 kB (18418 bytes)
Hash
bbc57dc81ffdf24e6ec9f20f1f64efef
2286308a6f2747442138192aa11f4315dcd88746
a4b730bff8b32c69aae91c3dda1d8565da24856985961d884a01b6524aefb9cb

HTTP Headers

GET /releases/v5.3.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Dec 2022 08:37:50 GMT
content-type: text/css
x-amz-id-2: lq9cb9xZRah3BRoem6gsFt+D9G9TBCPV9V6XnG9g/OkqbUxVQJty6gLrvjj+OBaNRYS2NHuG7iA=
x-amz-request-id: SM62P2SCPK6N5DSM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
etag: W/"10519cfd3206802f58315b877a9beab5"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ElSU6jbjV9BqB70z4adZ5ZW5zc2p8yNuy3hb4BvqfXpl7SlJmPhcNVOn1pOoJwasYVJ%2BAVDC4Z1FT1IXppX6WDZx89dQ4NyUrxOJwQrPLSVZKpve7gGkiMYil6nbLtikLPvdHDW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f87f299bdf069a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2

142.250.74.35

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7932, version 1.0\012- data
Size
7.9 kB (7932 bytes)
Hash
a7f7eebec745ef48ccf7a3d08c66d84a
2c5f99afe358a3e8570818a99646779aaa607587
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7932
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 23:44:12 GMT
expires: Thu, 21 Dec 2023 23:44:12 GMT
cache-control: public, max-age=31536000
age: 377618
last-modified: Wed, 27 Apr 2022 16:10:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.35

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:28:50 GMT
expires: Thu, 21 Dec 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 392940
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 08:37:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.liderfinanceira.com/img/Bancos/daycoval-bank.webp

108.167.168.47

200 OK

35 kB

URL HTTP/1.1
www.liderfinanceira.com/img/Bancos/daycoval-bank.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
35 kB (35384 bytes)
Hash
2f26e9c53c08374e68afb14024109d3b
7ab0780d0837095f6502580c529dc01abd639f47
b17d02cb44ad4e60c2921656a581b7d78047610e118ac30d608447d64928c992

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/Bancos/daycoval-bank.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:53 GMT
Accept-Ranges: bytes
Content-Length: 35384
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/webp

push.services.mozilla.com/

52.35.143.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.143.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1+NCBZftheCAHCPvOo7OMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2vP0AM/zRCf33xHR6pZXVDy6Z1I=

www.liderfinanceira.com/img/icon.png

108.167.168.47

200 OK

47 kB

URL HTTP/1.1
www.liderfinanceira.com/img/icon.png
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 777 x 727, 8-bit/color RGBA, non-interlaced\012- data
Size
47 kB (46618 bytes)
Hash
f42c4fb9d787563e49632ee10c583780
23fb332ca4a59e41412fe154b4fe8eaeea2b3695
285c35b5d28433715dc94e4af84a16d836d021d5835629fdf70627378380783d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/icon.png HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:39 GMT
Accept-Ranges: bytes
Content-Length: 46618
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/png

www.liderfinanceira.com/img/Bancos/Logo_C6_Bank.webp

108.167.168.47

200 OK

28 kB

URL HTTP/1.1
www.liderfinanceira.com/img/Bancos/Logo_C6_Bank.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
28 kB (27520 bytes)
Hash
a761483863c2c9cf66701a13700150a6
96066f7389183fcc6d9460ce87d087d20e3b1623
97dd441aab54684799698716f9698249fde0f0e03ad4e3448471fb9e34523479

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/Bancos/Logo_C6_Bank.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 11 Oct 2022 15:07:54 GMT
Accept-Ranges: bytes
Content-Length: 27520
Keep-Alive: timeout=5, max=75
Content-Type: image/webp

use.fontawesome.com/releases/v5.3.1/webfonts/fa-brands-400.woff2

172.64.132.15

200 OK

65 kB

URL HTTP/2
use.fontawesome.com/releases/v5.3.1/webfonts/fa-brands-400.woff2
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 65316, version 1.0\012- data
Size
65 kB (65316 bytes)
Hash
48461ea4e797c9774dabb4a0440d2f56
024b7f9afa49a3658ebd7eee4e1c536502db51fa
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

HTTP Headers

GET /releases/v5.3.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Dec 2022 08:37:50 GMT
content-type: font/woff2
content-length: 65316
x-amz-id-2: 1GYNlMJBAyuVDt+ewwxyGuY+yl2+0VCp8bYOPbJ1LXaVCTYuWocOKi0r8fU8gxJ8aw/1QdMQCNo=
x-amz-request-id: 6EEY6HSHSZ4Y9HDD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
etag: "48461ea4e797c9774dabb4a0440d2f56"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQZ%2Fw6SLmjjzPaGVOO1nc9yASi0M6evrQxmuBcM0jfZ8Cayth98ninDTxFOroQ2kvKPRdCIBxYg6VkQhH3Dy69S1wK9HGTz%2F6avyvJtWM9PSHe9bK1Jy%2F%2BnG1kLMeqO2Iplq9eDd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f87f2e2f76069a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3659.8476765240866!2d-46.52754768554572!3d-23.46595836395997!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x94cef5cc1929c9e5%3A0xba7d41b766fe8349!2sL%C3%ADder%20financeira!5e0!3m2!1spt-BR!2sbr!4v1636053655401!5m2!1spt-BR!2sbr

216.58.211.4

200 OK

1.8 kB

URL HTTP/2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3659.8476765240866!2d-46.52754768554572!3d-23.46595836395997!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x94cef5cc1929c9e5%3A0xba7d41b766fe8349!2sL%C3%ADder%20financeira!5e0!3m2!1spt-BR!2sbr!4v1636053655401!5m2!1spt-BR!2sbr
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3573)
Size
1.8 kB (1806 bytes)
Hash
d943c1e90a9007066a020084f60335d7
fe07299c6a93417a3b3627431bed58f58962acd7
944df06b7c0d7d7e47b5cbb9f3419561e61a6caa455f6e84a47ab5cd3204cb91

HTTP Headers

GET /maps/embed?pb=!1m18!1m12!1m3!1d3659.8476765240866!2d-46.52754768554572!3d-23.46595836395997!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x94cef5cc1929c9e5%3A0xba7d41b766fe8349!2sL%C3%ADder%20financeira!5e0!3m2!1spt-BR!2sbr!4v1636053655401!5m2!1spt-BR!2sbr HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 26 Dec 2022 08:37:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-LmPZOkWmncw480IeHO12rQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1806
x-xss-protection: 0
server-timing: gfet4t7; dur=221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.liderfinanceira.com/img/icons/lupa.webp

108.167.168.47

200 OK

82 kB

URL HTTP/1.1
www.liderfinanceira.com/img/icons/lupa.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
82 kB (82236 bytes)
Hash
6ceca3af72c7c943fab26f158e995d3a
f3f8e9ef0829c14661b9ee079e8e49fd43d371e2
62933faa6119a6e1dc6a51f98037e411a51ef35806d3911f4875526c7d0a0b1c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/icons/lupa.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:08 GMT
Accept-Ranges: bytes
Content-Length: 82236
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/icons/novo.webp

108.167.168.47

200 OK

9.9 kB

URL HTTP/1.1
www.liderfinanceira.com/img/icons/novo.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
9.9 kB (9938 bytes)
Hash
8a944b099bc710277d272e744030f42c
6c2b5a4d0b5d4b9c2400c96b78d9cdcb6b850f97
2bc4f454886463ad3ce5a533b0694bf06bda9f4bd6ade3f60e608a8941390a88

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/icons/novo.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:09 GMT
Accept-Ranges: bytes
Content-Length: 9938
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/icons/niver.webp

108.167.168.47

200 OK

10 kB

URL HTTP/1.1
www.liderfinanceira.com/img/icons/niver.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
10 kB (10124 bytes)
Hash
3888f71e4ffd3b7103692e3a3f2dfdad
dfd1e620c81b56e671902597be32195e5d19f4e9
c5c5099e9414a51be49aaff07b8e8f19d0c711d6b39c83611009d86bc2a92f93

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/icons/niver.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:09 GMT
Accept-Ranges: bytes
Content-Length: 10124
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/icons/card.webp

108.167.168.47

200 OK

4.4 kB

URL HTTP/1.1
www.liderfinanceira.com/img/icons/card.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.4 kB (4384 bytes)
Hash
e06627521d7fb37f4a0fc08ec2e995f1
e2d72e57d0799e024555177f4a5b30f53b67a558
a0eefe6f75f9aa05cc8ed48e278e1217c3a30c55c06c681d86e6fed76af60d40

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/icons/card.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:00 GMT
Accept-Ranges: bytes
Content-Length: 4384
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/webp

fonts.googleapis.com/css2?family=Asap:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap

142.250.74.74

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Asap:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1078 bytes)
Hash
0dc15ca506bbda7c26932ff934a8ea45
e0042d571f8ef711b2fdd66503129e5e454f8702
4210572e5d23de16bbc523bbbb74bb6f755b4b8488db0fa9fb2248f60b4c09b5

HTTP Headers

GET /css2?family=Asap:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Dec 2022 08:37:49 GMT
date: Mon, 26 Dec 2022 08:37:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.liderfinanceira.com/img/mg2.webp

108.167.168.47

200 OK

123 kB

URL HTTP/1.1
www.liderfinanceira.com/img/mg2.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
123 kB (122564 bytes)
Hash
eed2acb1ae88116c5b52a007f2bcaead
fa49178b1f594c1df393012d4e939cce1871685e
3f548613a11f1d6b9602d339c588e4b846645ee919049e684c16a0a1635ecb67

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/mg2.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:44 GMT
Accept-Ranges: bytes
Content-Length: 122564
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/webp

use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2

172.64.132.15

200 OK

67 kB

URL HTTP/2
use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 67400, version 1.0\012- data
Size
67 kB (67400 bytes)
Hash
14a08198ec7d1eb96d515362293fed36
965d78c34637d1bdab6277805faecb6caa959669
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

HTTP Headers

GET /releases/v5.3.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.liderfinanceira.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Dec 2022 08:37:50 GMT
content-type: font/woff2
content-length: 67400
x-amz-id-2: QrLPIo0OH/ETscrdclGH08mcVG4rWGPOgPe2hjqTUAGMS8YnAf7Om/Ig1dyEN3pJN23HU71mMg0=
x-amz-request-id: 6EEW26C6FD38XVFM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
etag: "14a08198ec7d1eb96d515362293fed36"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGSeVTJtF8AP%2Fm2ql0zR3HA%2FJyjZgC%2BwguDB3cKMb43%2Fsp9yzJjluhXunmzYuW4TWWxwdHuy%2F0lClENeN7SIUIOe1idbEDbXnaJQATa8Hb8nu4OFE4d7XYj3jzKi7pSu9EhQVAWf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f87f2e4f90069a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.liderfinanceira.com/img/fundo2.webp

108.167.168.47

200 OK

5.4 kB

URL HTTP/1.1
www.liderfinanceira.com/img/fundo2.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1077, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.4 kB (5428 bytes)
Hash
33780994d86988dfb38f16fa079e7876
8966cb591e7fabb4fd292d70505d13e1ce0ee09e
5d9f98b03af99cc5fba2c963a05c1c772a45600ff67dce2352598241c448912f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/fundo2.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/css/style.css

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:38 GMT
Accept-Ranges: bytes
Content-Length: 5428
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/passo3.webp

108.167.168.47

200 OK

67 kB

URL HTTP/1.1
www.liderfinanceira.com/img/passo3.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
67 kB (67334 bytes)
Hash
de8f1fecff48de34ff179a07b3db1275
765c9449685b45492a83ecc84123faa1df9f32d5
0696624366c49401874edd24137dd7b59e3eecc830eec978253a6f5b2a3f4012

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/passo3.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/css/style.css

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:46 GMT
Accept-Ranges: bytes
Content-Length: 67334
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/webp

maps.gstatic.com/maps-api-v3/embed/js/51/3/intl/pt_br/init_embed.js

142.250.74.3

200 OK

70 kB

URL HTTP/2
maps.gstatic.com/maps-api-v3/embed/js/51/3/intl/pt_br/init_embed.js
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2669)
Size
70 kB (69582 bytes)
Hash
fef0f74923e5e7b986ea8965c7da54b2
9e7d33601b7f3b830b713cec8e24ee8d5349a2ee
33b37ef81ae900dd32b3c0039bd6a94647578fc5fa74db0770f70acb916ab8d9

HTTP Headers

GET /maps-api-v3/embed/js/51/3/intl/pt_br/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69582
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:43:24 GMT
expires: Sat, 23 Dec 2023 13:43:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 18:55:12 GMT
content-type: text/javascript
age: 240866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.liderfinanceira.com/img/logwhiteandyelow.png

108.167.168.47

200 OK

59 kB

URL HTTP/1.1
www.liderfinanceira.com/img/logwhiteandyelow.png
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 3829 x 1189, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (58575 bytes)
Hash
885e44b79f839df4955e93cbcd2592ec
8eee77be941e78028bb37d4bb494b3f9707ac863
f2babb728b07546e545ce0c321f29847d60ff4bddb1d9915ac603f3001a865a9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/logwhiteandyelow.png HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:43 GMT
Accept-Ranges: bytes
Content-Length: 58575
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png

www.liderfinanceira.com/img/icons/seta2.webp

108.167.168.47

200 OK

7.4 kB

URL HTTP/1.1
www.liderfinanceira.com/img/icons/seta2.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.4 kB (7432 bytes)
Hash
7060922e60675dc27b37dd8a61b37cd2
8ecd2aabe13f9f27c4005837f27392d49f96fe61
2368d69372c9b23e81fb666feea3bb89fc5e72c697125d6f95b2ed3741157df6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/icons/seta2.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:13 GMT
Accept-Ranges: bytes
Content-Length: 7432
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/pessoas/image.webp

108.167.168.47

200 OK

136 kB

URL HTTP/1.1
www.liderfinanceira.com/img/pessoas/image.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
136 kB (135988 bytes)
Hash
baf5a3dfd683b6147683eca8f44f726d
489835cab62b31eaf2ae26786b9fe3ae543e16b7
ed0ea4137a34a2e34068b8a7b2dc30822d2550bd1d2ddf8efdc9ed65a460d02b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/pessoas/image.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:23 GMT
Accept-Ranges: bytes
Content-Length: 135988
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/Bancos/banco-pan-logo-1-1.webp

108.167.168.47

200 OK

30 kB

URL HTTP/1.1
www.liderfinanceira.com/img/Bancos/banco-pan-logo-1-1.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
30 kB (30000 bytes)
Hash
f9e780847d3d98f83581bde68bca4a12
b3ee4db7bb65cc134847b2cd0c6fdb5c02f02fd7
294341e75e466ac2fc165614540931e61e04f7301ce23541dd275d6261f6b4de

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/Bancos/banco-pan-logo-1-1.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:52 GMT
Accept-Ranges: bytes
Content-Length: 30000
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/Bancos/banco-bmg-logo-4.webp

108.167.168.47

200 OK

28 kB

URL HTTP/1.1
www.liderfinanceira.com/img/Bancos/banco-bmg-logo-4.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
28 kB (27866 bytes)
Hash
498fe8a78271f223d9d75ac5137d741b
e8740664986e107062b025f5ac94bcf6e3641ab2
48ecf672a4aca1d4ca948ba7bf12ccfd013b18e44b08d73f010d7ef975f9d704

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/Bancos/banco-bmg-logo-4.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:51 GMT
Accept-Ranges: bytes
Content-Length: 27866
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/Bancos/1011px-Banco_Ita195186_logo.webp

108.167.168.47

200 OK

13 kB

URL HTTP/1.1
www.liderfinanceira.com/img/Bancos/1011px-Banco_Ita195186_logo.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
13 kB (13418 bytes)
Hash
3cd05e083ba43890dfdef2bad0cd5421
82915126ca40992fe2933dd04cd1c473760e29b5
34e2a95bb076618424ca5f5f565051ad41d6526373166c010afaf3248fdc3389

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/Bancos/1011px-Banco_Ita195186_logo.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:51 GMT
Accept-Ranges: bytes
Content-Length: 13418
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/icons/pc.webp

108.167.168.47

200 OK

171 kB

URL HTTP/1.1
www.liderfinanceira.com/img/icons/pc.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
171 kB (170902 bytes)
Hash
b01656c687ff139e07835fc8de4b1da7
45679ab088f776de28650732dc29bd431076d749
ec533f8e85b27ae61c2ca96b8150835d54479d41b68dcbb8043cc25919092dee

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/icons/pc.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:10 GMT
Accept-Ranges: bytes
Content-Length: 170902
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/icons/Whats.webp

108.167.168.47

200 OK

119 kB

URL HTTP/1.1
www.liderfinanceira.com/img/icons/Whats.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
119 kB (118702 bytes)
Hash
cb239561560a76d4d29e69473b2c7da8
1f63d02928ea83abb6d20c57cfd7ca46cffe7c94
a82d818c9901917579bc1b5c782a35e08de4367551ca54bf14aaddf765d2989f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/icons/Whats.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:16 GMT
Accept-Ranges: bytes
Content-Length: 118702
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/Bancos/banco-safra-logo2.webp

108.167.168.47

200 OK

102 kB

URL HTTP/1.1
www.liderfinanceira.com/img/Bancos/banco-safra-logo2.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
102 kB (102382 bytes)
Hash
73acaefe790fda089911692ccd6785ad
e75c8957bd1a9f16df55ace7d8d7d7c39acf7448
1a66a7f628b87a70b66cc7e4cfcb2cb128c4ba05212142774afdaaee73ed8dfa

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/Bancos/banco-safra-logo2.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:53 GMT
Accept-Ranges: bytes
Content-Length: 102382
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/logblue.png

108.167.168.47

200 OK

59 kB

URL HTTP/1.1
www.liderfinanceira.com/img/logblue.png
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 3828 x 1191, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (59130 bytes)
Hash
1752cf152bd0f16c52c5fd09722ad572
f078acca1d223e1d1102e9b81cd01be0dcc87456
ae558f60a86f7e041e1b531c9fdae1be2d81b704b5bb050908d0ae0ab1ece245

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/logblue.png HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:51 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:41 GMT
Accept-Ranges: bytes
Content-Length: 59130
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png

www.liderfinanceira.com/img/icons/libe.webp

108.167.168.47

200 OK

143 kB

URL HTTP/1.1
www.liderfinanceira.com/img/icons/libe.webp
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
143 kB (142726 bytes)
Hash
8c08010258beb91ada8217ea5ce06049
250a8093744df006aaf4d2b738d0836209bd7aaf
bbc8283200944a37f4f67d01805fef382ca52f2a933cb3ff3ce5fe91ba546e76

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/icons/libe.webp HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:50 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:08:07 GMT
Accept-Ranges: bytes
Content-Length: 142726
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/webp

www.liderfinanceira.com/img/alerta.png

108.167.168.47

200 OK

245 kB

URL HTTP/1.1
www.liderfinanceira.com/img/alerta.png
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
245 kB (244586 bytes)
Hash
cab64b5133580ed8fcec51abed3c191c
a384e3dd5360653a8285771b596391a77740048c
e13c3895374ec8116468c8d4fc38cf9f49fda4f5279c281e023f65aab5102a0f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/alerta.png HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:51 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:34 GMT
Accept-Ranges: bytes
Content-Length: 244586
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png

www.liderfinanceira.com/img/blue.ico

108.167.168.47

200 OK

15 kB

URL HTTP/1.1
www.liderfinanceira.com/img/blue.ico
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15406 bytes)
Hash
01c5dbfea08a8d72246542bdeea4e5ef
3f54e4b86d5c5b40af1d0f0d20dd088b6afdda1b
4bea907a9134bb308abaf85e8c5c079ac1331717cb88c94bae8957adf2569c27

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /img/blue.ico HTTP/1.1
Host: www.liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.liderfinanceira.com/

HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 08:37:51 GMT
Server: Apache
Last-Modified: Tue, 11 Oct 2022 15:07:34 GMT
Accept-Ranges: bytes
Content-Length: 15406
Cache-Control: max-age=604800
Expires: Mon, 02 Jan 2023 08:37:51 GMT
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/x-icon

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Mon, 26 Dec 2022 10:24:08 GMT
Date: Mon, 26 Dec 2022 08:37:51 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Mon, 26 Dec 2022 10:24:08 GMT
Date: Mon, 26 Dec 2022 08:37:51 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Mon, 26 Dec 2022 10:24:08 GMT
Date: Mon, 26 Dec 2022 08:37:51 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Mon, 26 Dec 2022 10:24:08 GMT
Date: Mon, 26 Dec 2022 08:37:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5272da38-01a8-4043-804a-cb62488152e1.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5272da38-01a8-4043-804a-cb62488152e1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8423 bytes)
Hash
0eedc9584ce3db2443c98e94536e9dbb
779c88e1e3ef3f8ad5fc2b4dc545cda6298eeb74
ca4bde46fc0a3b1e17704ac46c011405e82ceb7a2780886ce70f0a798bc47f6b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5272da38-01a8-4043-804a-cb62488152e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8423
x-amzn-requestid: 29317808-72e9-404e-b4d7-2a2ca85c1ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNZzHywoAMFcKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2a4-5a2a88970fbc7d1d2f9da797;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n2tDc6R0yKValING-YZqmchO90g5ATryaSbcxFMeioWSFEVnGDM0CA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:50:07 GMT
age: 38864
etag: "779c88e1e3ef3f8ad5fc2b4dc545cda6298eeb74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9452 bytes)
Hash
e38d94b0be1b10ecac941b497f57c861
12911cd039f5c7b05013ebbc369aec5613134906
38a41df0d4f4405e8ecf6b379431bdb87eaed40e20481262b43d1fd127c010fd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9452
x-amzn-requestid: 41b87e86-25f2-4d3b-a4ac-ae9a933a75b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duMupEMdIAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c190-22b2693c043757fb5d58dda7;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: StP3cRZB5uQq5vj2oEZZmxAsLlu-nsnDNjQBdeb_o6Rd3YsP7p2Qlg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:06:41 GMT
etag: "12911cd039f5c7b05013ebbc369aec5613134906"
content-type: image/jpeg
age: 37870
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ad65fd6-c10d-4340-8a7a-8718c40ff3c0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7167 bytes)
Hash
da166227e68fd9dedd6194cb99d5aebc
edc937adabde929c8152b85df3806decbb286612
d415f381c63d04072ae49fc4aa19e375cc7c1c6d73220d364ea7bccd3f7fa163

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ad65fd6-c10d-4340-8a7a-8718c40ff3c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7167
x-amzn-requestid: ac5db47f-af55-4679-b8e7-d9ca8667cd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: do61aFQ1oAMFT2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a6a4ef-0da25d9723ad2fb8740c54f2;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 07:06:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9TaazQqSBCiYUqLrHVq7ZIvJ41xIDQDUxUSP0xUxmZkg3dbaMMlOg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 06:17:01 GMT
age: 8450
etag: "edc937adabde929c8152b85df3806decbb286612"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb995026c-9c36-40df-864d-b3c2b7e5482b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9932 bytes)
Hash
e2665a6ae98ace2eab671f9e8a9f0978
d1b0b2b7bf8c8bf2e9765e9103908aba36989727
ae9125caee2dc267c67bf4f31f2669e03f65c47a43f2d0ab83081eb043d23d85

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb995026c-9c36-40df-864d-b3c2b7e5482b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9932
x-amzn-requestid: 280fdeaa-a0e1-4306-9adb-52c0f28b4002
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNZzGcjoAMF5wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2a4-73e3e4b34b67da2d2dbb8020;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nR7WiQ1kUfI129AOECPfR181bNjexz6B7BEIYxDRiGNqfKCQPiBKOQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:57:09 GMT
age: 38442
etag: "d1b0b2b7bf8c8bf2e9765e9103908aba36989727"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15ba8929-c657-48a6-a579-360324426927.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11249 bytes)
Hash
8403a671b2c4b3b2ce2f8a9eba9de2c0
5437391241a500b6b0d2118120e835d2673e7d39
1e52a144b08ff6efe2da52dfdfeccbc4cea9270536cf5e7a2a769bbff9cd7d2f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15ba8929-c657-48a6-a579-360324426927.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 6fdd6489-ffea-400f-9199-a20789160ba8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dlFk6FvuoAMFYcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a51c85-6805b25c54c3390e5c39c6e1;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 03:12:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SYzFNQsVsh92WOvx4IDgiKouBzdILGiMV4BRAImE7MEbHnVH6E__eg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 03:18:39 GMT
age: 19152
etag: "5437391241a500b6b0d2118120e835d2673e7d39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7dbee83-176a-4fa9-a42c-2a2c9db4001b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10961 bytes)
Hash
b46e077944b0d53e361327e6d690f2ec
c9f17cad706817aa66832633d1307a91c8c7d61e
b00a16c34c95675a08bafb198f7cc4b374e88a9041a6bb8593a61cb08ef3c306

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7dbee83-176a-4fa9-a42c-2a2c9db4001b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10961
x-amzn-requestid: 04d69a4a-2357-4651-a490-4a054bd3fd4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duMunGOQoAMFbKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c190-53efc5ef1d7545a90e940d0d;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EOf46ZIBIMKzJvfpWMB7BdYMA6dXxRYhinIN-lD4cOvkiPfsS-e3qA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:01:21 GMT
etag: "c9f17cad706817aa66832633d1307a91c8c7d61e"
content-type: image/jpeg
age: 38190
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:54 GMT
expires: Thu, 21 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 392638
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:56 GMT
expires: Thu, 21 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 392637
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Comfortaa:wght@300;400;500;600;700&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Comfortaa:wght@300;400;500;600;700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Comfortaa:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Dec 2022 08:37:49 GMT
date: Mon, 26 Dec 2022 08:37:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Dec 2022 08:37:49 GMT
date: Mon, 26 Dec 2022 08:37:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

liderfinanceira.com/js/jquery.js

108.167.168.47

200 OK

0 B

URL HTTP/2
liderfinanceira.com/js/jquery.js
IP
108.167.168.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/jquery.js HTTP/1.1
Host: liderfinanceira.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.liderfinanceira.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 15:32:41 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 26 Dec 2022 08:37:50 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations