Report - edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/

Report Overview

Submitted URL
edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
IP
209.126.103.109
ASN
#30083 AS-30083-GO-DADDY-COM-LLC
Submitted
2023-03-03 14:12:43
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
312

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.155.206.154
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.8 kB	192.229.221.95
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	51 kB	34.120.237.76
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	803 B	1.7 kB	172.64.133.15
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
edoraseguros.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	434 B	209.126.103.109
www.edoraseguros.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	27 kB	2.4 MB	209.126.103.109

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-03	medium	edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	Malware
2023-03-03	medium	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/css/auto-generated-wptwa.css?ver=1626280608	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.2.17	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.2.3	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/uploads/elementor/css/global.css?ver=1606159021	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/themes/astra/assets/css/minified/style.min.css?ver=1.4.10	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/uploads/elementor/css/post-426.css?ver=1601736553	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.7.2	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.1.7	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/css/popup.css?ver=4.9.22	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/uploads/astra-addon/astra-addon-5fbc091be6edd2-63409265.css?ver=1.3.1	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/themes/bwebhosting/style.css?ver=1.0.0	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1677849892	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/formcraft3/dist/form.css?ver=3.7.2	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/jquery.cookie.js	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/js/public.js?ver=2.1.5	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/themes/astra/assets/js/minified/style.min.js?ver=1.4.10	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/bootstrap.js	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/popup.js	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/uploads/astra-addon/astra-addon-5fbc091be719d2-48259273.js?ver=1.3.1	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-includes/js/wp-embed.min.js?ver=4.9.22	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/slick/slick.min.js?ver=1.8.1	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.1.7	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.5.0	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.2.3	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.2.17	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/uploads/2020/11/MuseoSans.otf	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/themes/astra/assets/fonts/astra.woff	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-content/uploads/2018/09/06.jpeg	Malware
2023-03-03	medium	www.edoraseguros.com.br/wp-admin/admin-ajax.php	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed
2023-03-03	medium	edoraseguros.com.br	Sinkholed

ThreatFox

No alerts detected

JavaScript (33)

	URL	Size	First Seen	Last Seen
	use.fontawesome.com/releases/v5.1.0/js/all.js?ver=4.9.22	914 kB	2023-03-07	2024-04-04
Pretty URL use.fontawesome.com/releases/v5.1.0/js/all.js?ver=4.9.22 IP 172.64.133.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:07 Last Seen2024-04-04 11:14:13 Times Seen400 Hash 004993df80280fa6c4af6ca17c4e5433 45b91ec300d7dc4872fe8ff5b27ceffb83c590b3 566d12cf66ff3d64ed100bdf634ce4b2de1dfa8ce38006f1b50912594865c1ae Loading...

	www.edoraseguros.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4	15 kB	2023-03-07	2024-03-14
Pretty URL www.edoraseguros.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:36 Last Seen2024-03-14 16:32:35 Times Seen997 Hash 4fd769dd0d168d4af82c7db048af866b d82c97e09e8d4ca64160aff9345e0a448c8c7759 2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed Loading...

	www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/popup.js	759 B	2023-03-07	2024-02-13
Pretty URL www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/popup.js IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:12 Last Seen2024-02-13 18:56:18 Times Seen24 Hash b8fe43aceb1f8be26dcd2511295ed0d4 ad91ca3fb337a9588152d954ea63e3bea0e2e257 b17f25545b48d3697001c1bac9496df71aacf26f443f00221044e582e6259796 Loading...

	www.edoraseguros.com.br/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4	6.4 kB	2023-03-07	2024-04-16
Pretty URL www.edoraseguros.com.br/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:51 Last Seen2024-04-16 07:13:32 Times Seen523 Hash 69fcee92fd1ccaa65d2e0610862fbeaf fb756249e3a56d678c35d2848959133b727e92b7 dd5bb66bac9f2d27689f537a7beaf5630134204e7327c42c066f0b64717fb3d3 Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	476 B	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash cdfb85608cceb8b6d05f0f9f69e23ce4 9d3c840aeec92bc3d1b6b9696cafdd5f0d90f1c9 b4b8ba92b935fd8d8ef2eabd1fa3e73ad697db7568a6cb618ae90f2ee13b92c2 Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	320 B	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash f6c022936b167604f11d16726d570b1c 2511216edeb2af16e0dc124f98ceb85afe279632 db86013692f219c4123fdcbd0bbbc8b283028d6283f9d1bff489d6cd4271f9a4 Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	121 B	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash 4ddeeb18abcec56d8562b21509c36469 8a611eb8bd974d4e6502200e10951dfa9434f79b 53e3e026b2d3d533b3ba310c432a43a5c5fce979522d653b75efe5d6c711bb9a Loading...

	www.edoraseguros.com.br/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22	12 kB	2023-03-07	2024-04-24
Pretty URL www.edoraseguros.com.br/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-24 22:50:38 Times Seen6772 Hash fe0575b66568074463f12485d90f6d4c aeedd9ab3b7874e63f647042963cb1301a38b391 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7 Loading...

	www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.1.7	42 kB	2023-03-14	2023-11-24
Pretty URL www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.1.7 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-11-24 02:30:26 Times Seen5 Hash 32dc6e6f9b135bf0d862bea888b7ed3e f38c5b70f4e01902f7d6b93c81d22c7276e0676b 9bc1462f66e10c5a27f3bc382bc54ab6fa2f2579974beab9d6d34e3647170d59 Loading...

	www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.2.17	53 kB	2023-03-07	2024-01-14
Pretty URL www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.2.17 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:12 Last Seen2024-01-14 03:55:50 Times Seen12 Hash 4e59061d7ad08f426b0eea2054e83ff2 d5c4b6933833e3d951c7ae685579f320d2756d36 38a930f5f7db4bf0145cfaf542bca5354b9df90a65a7f699ff324b081b14d9fc Loading...

	use.fontawesome.com/releases/v5.1.0/js/v4-shims.js?ver=4.9.22	15 kB	2023-03-07	2024-04-04
Pretty URL use.fontawesome.com/releases/v5.1.0/js/v4-shims.js?ver=4.9.22 IP 172.64.133.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:07 Last Seen2024-04-04 11:14:13 Times Seen23 Hash 88238d38a876234b6c4ae00ac1a784f2 a502ff8d50e35b8cfeb880051c3ba4e56a5b8d85 d8b1f96ac0c26cf83649d8b736a77966807ba2445f69113a40124751b1709fda Loading...

	www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/js/public.js?ver=2.1.5	12 kB	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/js/public.js?ver=2.1.5 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash cbbb070dc95a8cbeb67f7eb5ac548eda 72ab13432ebeaa16f71012a329261432e25d03b4 0816011ecaaafa7f51b5472cccd4dbabf591c735215c17874fd9fc5733f7fc43 Loading...

	www.edoraseguros.com.br/wp-content/uploads/astra-addon/astra-addon-5fbc091be719d2-48259273.js?ver=1.3.1	17 kB	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/wp-content/uploads/astra-addon/astra-addon-5fbc091be719d2-48259273.js?ver=1.3.1 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash a00b62652bb6d5d7ca0b119778c6ccc0 d247726b39a7ecb7387955e47854d47ea78354e3 b1e2a8ab144d238a014228cfe26d7c27724ec648ad6db12b335090b2ed2f3451 Loading...

	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/slick/slick.min.js?ver=1.8.1	43 kB	2023-03-07	2024-04-24
Pretty URL www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/slick/slick.min.js?ver=1.8.1 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-04-24 23:18:05 Times Seen34364 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	969 B	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash be259a10cac259c37df75b67da1d6492 89b1086b6e16cc76672ec90f806295805283a5a1 2b0cb69c087c7a75ae1c95c758ca61b88abd919574adeda93e086710920c7702 Loading...

	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-24
Pretty URL www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 23:48:07 Times Seen52712 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.2.3	36 kB	2023-03-14	2023-03-26
Pretty URL www.edoraseguros.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.2.3 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-26 11:41:07 Times Seen2 Hash 1ecf58f9cfa2c0bb2647709717fe06f8 5d2712417e3e0546bb836b84290c3840bc0cad1b e3ea2203d54a93fbf171653586bc85cd2eab3da54c824043f157f1d4ef72abb9 Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	60 B	2023-03-07	2024-04-17
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:34 Last Seen2024-04-17 03:43:43 Times Seen329 Hash 8bf0f70cb4e1e838b2669cb6495bc93a 83d97383cd0cdeffc56723a91de445c7a2e41f61 fb1980a3897a8e80aac7db1533e9d7a4d2f8ea6526e91e3da4d61eb3f4986b84 Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	2.1 kB	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash 2450df64d8c6d2e850c0ee993c167cad dd1fa4d25593700a906004ec8313ffd4ba235881 fb3ad03479bbff974f4e761a3df7745f669f0ff04755a8c03de7054a6881eb33 Loading...

	www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.1.7	6.4 kB	2023-03-07	2024-04-16
Pretty URL www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.1.7 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:45 Last Seen2024-04-16 07:13:32 Times Seen208 Hash 8b47296db08ac20dfb83be099d46b62a 3636d72d208dad253acd63df8411f9accce94585 eab347af732bc8b6dff914e54ff3e5dec6a84e8aa8315c2f9b64c17978f80fae Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	98 B	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash 7ffba4d94db13e525c5f3897dcd21753 9a222cba62018feb354b38cbb92065f453e7f21b 3542624cba08cbafccd6c9b7f613d9fb3c333340cbf90b45053c17521d344e77 Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	641 B	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:25:02 Times Seen1 Hash ed9dc34cbb183fd4c7ddcedc0790096c e82d1cbf8d8ae142f4d8109a4bf276a80b0eefbe bd364c085abf4f15110a6aff62aa96c0b03adeab270ca5860e1f3e1b124925a4 Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	701 B	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash 212b4a5d15a3f309c9ecd5d8eb0e4cb8 220653ca32e4350b706d018318ec1717f09dc6bc 4cc367fb51ea89701ffaeffb5556d5fbee03c0232cbe22814a271cad806d2197 Loading...

	www.edoraseguros.com.br/wp-includes/js/wp-embed.min.js?ver=4.9.22	1.4 kB	2023-03-07	2024-04-24
Pretty URL www.edoraseguros.com.br/wp-includes/js/wp-embed.min.js?ver=4.9.22 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-24 21:41:00 Times Seen2990 Hash 570ae0f3c201604926ea599d3d1f6c04 2c29243a73660964d4712b969d2a15e27777bc14 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b Loading...

	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.5.0	10 kB	2023-03-08	2023-11-14
Pretty URL www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.5.0 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:01:06 Last Seen2023-11-14 18:21:50 Times Seen16 Hash d19e74e9036ed25483f4f8711d3365b4 f82b09dc73ff9b74c8f92937f9b964d162462ac7 bb92671e222be4c74260c32dae506732545aa1ccd87ed9b7eb6ff42d915a741e Loading...

	www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3	123 kB	2023-03-07	2024-04-16
Pretty URL www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:46 Last Seen2024-04-16 07:13:33 Times Seen93 Hash 00e93736ce410d9a36fb7d376a6524c4 476c60b640e5a4cdc8aa04eda4750d914419d068 4715ff946aa9fdcf7e3385799a479fc6c5d88e6d070f0c62aaf473e5f791fa41 Loading...

	www.edoraseguros.com.br/wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1677849892	1.3 kB	2023-03-07	2024-04-03
Pretty URL www.edoraseguros.com.br/wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1677849892 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:31:17 Last Seen2024-04-03 01:53:41 Times Seen406 Hash f2838b1ff6c3653d68b8e3dc78562a01 b983230ad7d50641e2be084e277cc4da201279bd 234443c5e8844e0a1ff549111e5e0313346b828aa05f6432af1ca750d971a1bb Loading...

	www.edoraseguros.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	10 kB	2023-03-07	2024-04-24
Pretty URL www.edoraseguros.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-24 23:48:07 Times Seen37191 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	www.edoraseguros.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4	97 kB	2023-03-07	2024-04-24
Pretty URL www.edoraseguros.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 22:50:38 Times Seen10194 Hash dc5ba5044fccc0297be7b262ce669a7c f137ff98ae379e35b0702967d3b6866a0a40e3be cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3 Loading...

	www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/jquery.cookie.js	3.1 kB	2023-03-07	2024-04-24
Pretty URL www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/jquery.cookie.js IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:12 Last Seen2024-04-24 23:48:04 Times Seen2898 Hash 1e3faa7fc49484964ecae46ca9494f35 bfe7d4d0c3bfb70871cab51bd8f462ca78a38ad3 13161f845883ddc67c4adec84919b2350c3ab125c5c4263dbb736594c54ccd71 Loading...

	www.edoraseguros.com.br/wp-content/themes/astra/assets/js/minified/style.min.js?ver=1.4.10	9.2 kB	2023-03-08	2023-03-26
Pretty URL www.edoraseguros.com.br/wp-content/themes/astra/assets/js/minified/style.min.js?ver=1.4.10 IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:20 Last Seen2023-03-26 05:44:03 Times Seen2 Hash 8851a35109094348e6e41c535e94fc07 a183517d182cb986f4c8e616d61b6e9db3c738c3 95da09c594a6b758d7ec0867a7db317cbf3507d3b705051c10d88b531f145bc8 Loading...

	www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/bootstrap.js	12 kB	2023-03-07	2024-02-13
Pretty URL www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/bootstrap.js IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:12 Last Seen2024-02-13 18:56:18 Times Seen28 Hash 4abd6da8236bb919cae76a66948062fc f8fb78f2a3f44953f3ebbf689f33fb8c40ffb207 b22fa005ca36d0af3f97bc74d18887ae59ab43d01d99d4ac2cd8de4e19503b09 Loading...

	www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/	253 B	2023-03-14	2023-03-14
Pretty URL www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/ IP 209.126.103.109 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:25:02 Last Seen2023-03-14 17:26:07 Times Seen1 Hash b09490bf49587ea58c828e3f69ecf7e4 6a5a897e246e2557c3bab1c0ee15fd38fcf51ff0 d2e42a64e957838ccded81fc65a0fb40b891bf31139b4663ce414250c2046f48 Loading...

HTTP Transactions (84)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39c6b0123e56e5b89743a8ad25c746e
feb61559594a73b319532dec130f10068fdf1242
d1adf9c8c7e63c33674a6af4b4111fe0ce1092d362ca4bf7c7dd00e6b6034f09

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1ADF9C8C7E63C33674A6AF4B4111FE0CE1092D362CA4BF7C7DD00E6B6034F09"
Last-Modified: Thu, 02 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11072
Expires: Fri, 03 Mar 2023 17:17:04 GMT
Date: Fri, 03 Mar 2023 14:12:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
96abc4d0be3e74da1484937a66c5ff39
357520bead07e25b52d4ca0c0c69db60cfaa0d7c
32c544ef8b8a3faaf08bdb76f8a387510037dfc15a022fd59457cf45215a6ba8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32C544EF8B8A3FAAF08BDB76F8A387510037DFC15A022FD59457CF45215A6BA8"
Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3479
Expires: Fri, 03 Mar 2023 15:10:31 GMT
Date: Fri, 03 Mar 2023 14:12:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Mar 2023 14:08:19 GMT
content-type: application/json
age: 253
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2383d0b67af7368d8e13a3013f4065a
cdf951e84f87d010cf40b76f7b91e82ad17f374f
5463c186f7f30f83be61e91a980c749b70089e48b234d73a6e7eeb179cfd7ee9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5463C186F7F30F83BE61E91A980C749B70089E48B234D73A6E7EEB179CFD7EE9"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10944
Expires: Fri, 03 Mar 2023 17:14:56 GMT
Date: Fri, 03 Mar 2023 14:12:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /Wjr9TF5VCZf3SejnQHIY05qzpcHwBsnkgVSxYbOPkjkNc4qnUr8RLOoMVt1+ggDXhXkdFM8xbT23zfKrTQa9g==
x-amz-request-id: F8MSW9DBMB4PSKRT
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Mar 2023 13:15:50 GMT
age: 3402
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Mar 2023 14:12:32 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Mar 2023 14:03:38 GMT
age: 535
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51e95d61b93964116033d39ca29d8e87
f4b94d787ce49da21c28fe7853b1a85d2b9494dc
083c886afce548aad4f54caa7f7766e38d9376d55077d4072dbddbdafa086f85

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "083C886AFCE548AAD4F54CAA7F7766E38D9376D55077D4072DBDDBDAFA086F85"
Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10803
Expires: Fri, 03 Mar 2023 17:12:36 GMT
Date: Fri, 03 Mar 2023 14:12:33 GMT
Connection: keep-alive

edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/

209.126.103.109

301 Moved Permanently

20 B

URL HTTP/1.1
edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cgi-bin/jQNq9wlH1GXU/ HTTP/1.1
Host: edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Mar 2023 14:12:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Vary: Accept-Encoding
Location: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

35.155.206.154

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.155.206.154:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rbtaZy12ToMwjoHXN7s2sQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wQP2tOdNkMw7GnG57hkU/xGyWNE=

www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/

209.126.103.109

404 Not Found

13 kB

URL HTTP/1.1
www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20225), with CRLF, LF line terminators
Size
13 kB (12704 bytes)
Hash
1b1d1c936e15e3f2b471e5697a269e4d
8bdf6b8531207426ddc7cfa1c89ec0d79d6d9e80
5eec37408cbd6ae524815802c4402df9b888c77437453ae3d1cf00d405b792f4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cgi-bin/jQNq9wlH1GXU/ HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Date: Fri, 03 Mar 2023 14:12:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.edoraseguros.com.br/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.edoraseguros.com.br/wp-content/plugins/simple-google-recaptcha/sgr.css?ver=1677849892

209.126.103.109

200 OK

228 B

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/simple-google-recaptcha/sgr.css?ver=1677849892
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text
Size
228 B (228 bytes)
Hash
87919152e480d34bc2ab66090bb82746
13fa0e22062206ec9e2b02397f13462335eaed63
39a95abda660ba5b3d0465459168d211ca3fc375430d0ae0b1440b27625a37f8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/simple-google-recaptcha/sgr.css?ver=1677849892 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Fri, 03 Mar 2023 13:24:52 GMT
Accept-Ranges: bytes
Content-Length: 228
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/css/public.css?ver=2.1.5

209.126.103.109

200 OK

9.2 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/css/public.css?ver=2.1.5
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with CRLF line terminators
Size
9.2 kB (9160 bytes)
Hash
094ef15586877a4cc8388cea1da8890b
0f74a3340a5263a80dbf4a960beef92616716543
a59c956aaaa564c4b77519ec006e334360f1969799b87156b3aaf7730371f14c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpt-whatsapp/assets/css/public.css?ver=2.1.5 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Mon, 17 Sep 2018 17:30:26 GMT
Accept-Ranges: bytes
Content-Length: 9160
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/css/auto-generated-wptwa.css?ver=1626280608

209.126.103.109

200 OK

1.4 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/css/auto-generated-wptwa.css?ver=1626280608
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1395 bytes)
Hash
bc12ca7523f30ef493f42953cb669b84
8ab48aa092e0bf7a34de6afb74f78aa2b1d0d5b9
85644d88cf765ac7e76b23ba4cd0df13d11bc1acf677b30fb75fd43e4d4aba99

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpt-whatsapp/assets/css/auto-generated-wptwa.css?ver=1626280608 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Wed, 14 Jul 2021 16:36:48 GMT
Accept-Ranges: bytes
Content-Length: 1395
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=3.8.0

209.126.103.109

200 OK

11 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=3.8.0
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (10857)
Size
11 kB (10902 bytes)
Hash
f80af3c1a10b228f7ba5d4d8a85fdd83
c2c9ae2f21c280f4d2d631b61d4a1fdabe76778c
30c7e0d3db9a898c6b503e91eb1dbd2608074bff0e56babe504173eb9573ec59

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=3.8.0 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:48 GMT
Accept-Ranges: bytes
Content-Length: 10902
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

192.229.221.95

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
62f2bbc0f28540433c2835a9148fc521
c945a7081083793d44479f23586ae7ffc13eec61
345e98941235327764cc8ef002ac88f40e819aafcb6c9ba9ecf07ccdb3cbf935

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 29970
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Mar 2023 14:12:34 GMT
Last-Modified: Fri, 03 Mar 2023 05:53:04 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

192.229.221.95

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
62f2bbc0f28540433c2835a9148fc521
c945a7081083793d44479f23586ae7ffc13eec61
345e98941235327764cc8ef002ac88f40e819aafcb6c9ba9ecf07ccdb3cbf935

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 29975
Cache-Control: max-age=108833
Content-Type: application/ocsp-response
Date: Fri, 03 Mar 2023 14:12:34 GMT
Etag: "6400915c-118"
Expires: Sat, 04 Mar 2023 20:26:27 GMT
Last-Modified: Thu, 02 Mar 2023 12:06:52 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 280

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

209.126.103.109

200 OK

31 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:48 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.2.17

209.126.103.109

200 OK

18 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.2.17
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (17644)
Size
18 kB (17645 bytes)
Hash
bb82cc8a0c1a1941b1ff7cb1ca0596a5
6819b2fcf37dd371ec5806b2da32ffb6aa301435
fcb1fd934d770a9e70d42b91330ceee723d49d8a067e9e8f7e0739a7931b967a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.2.17 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Sat, 03 Oct 2020 13:18:59 GMT
Accept-Ranges: bytes
Content-Length: 17645
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8612
Expires: Fri, 03 Mar 2023 16:36:06 GMT
Date: Fri, 03 Mar 2023 14:12:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8612
Expires: Fri, 03 Mar 2023 16:36:06 GMT
Date: Fri, 03 Mar 2023 14:12:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080edfd7-ca45-4d02-a82e-695dc100f1bc.jpeg

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080edfd7-ca45-4d02-a82e-695dc100f1bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7507 bytes)
Hash
9562ddfb26d6176ec12e8e71cc55895c
86bd68def54b0b50e6f728690b2ddf08f858bc33
b51ad98c7c8cb4b2be7af430f4a5963457661d4f13e8029a4bb2cd2ebeb00498

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080edfd7-ca45-4d02-a82e-695dc100f1bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: d9b61fbe-db88-4902-92d2-b3d97bd7be88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLCh4FTuoAMFeIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640117a5-4ced7773195e43cd4c4f8e25;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Hit from cloudfront
x-amz-cf-id: MU2eMq-Brvy0sLy-WZoszctLcITqVnwsftxXaFujYHgmKqM6PZMQTA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3dcf7c8001b07734617b28e9bacc90ac.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 22:15:47 GMT
age: 57407
etag: "86bd68def54b0b50e6f728690b2ddf08f858bc33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd5f51d-c165-4228-b31e-35e9516c7ad5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10504 bytes)
Hash
d7b980c564a4ca7c7b68c4716e2398db
e2b327c261d113b17053f475f2d4ef06fe5fb770
478886f4d7ac80275da33753926320384665b246f85ede4c2547aba2f724e97e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd5f51d-c165-4228-b31e-35e9516c7ad5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10504
x-amzn-requestid: ee0a1e46-71ea-4647-ba9b-b350c7ca2ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLCyvEy5oAMF8NQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64011811-7f3cecd06abd02671a7af460;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:41:37 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Hit from cloudfront
x-amz-cf-id: crclJpITavT8kxEfiamR2T29A8XLbGSRSebzv4BV5cPhZWQ-9_UusQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 a02a98c09aaf2561c8ca019e473cf172.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 22:14:39 GMT
age: 57475
etag: "e2b327c261d113b17053f475f2d4ef06fe5fb770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3381 bytes)
Hash
4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 20gfRWuEZKeWijeUdUr10sCx8uqri-zpK-KTXBJrZaQOm3V1Gk8KQw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Mar 2023 11:26:52 GMT
age: 9942
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc81172d5-849a-4947-895d-7b645a656f98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9043 bytes)
Hash
4c627140fb587a52035e07a0e4849aa4
0fda39fd9db63f210a73fe14d6cb445d877303f1
ef144a10c04afa87fe3ae0c30906495f42b87678d6a5bab9ac934e8425d8ced3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc81172d5-849a-4947-895d-7b645a656f98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9043
x-amzn-requestid: b198e6ac-b731-4300-ba73-0dae7c426334
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLC6CHbBIAMF59w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6401183f-4e716af671ac66683937eaca;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:42:23 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Hit from cloudfront
x-amz-cf-id: knLOY1TnJUV4G5JGbFN96KbF_HOGaLh_HbnHdh3FbIlZI-KUBitLZQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 7f5c6f79ed16052a7a2f78b6025bcf5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 22:15:58 GMT
age: 57396
etag: "0fda39fd9db63f210a73fe14d6cb445d877303f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdba647c7-b8d3-4043-b8c8-caba179b5589.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4371 bytes)
Hash
e6c6971746047136e4cbf0dd381a2bf1
07cb3900b31e286c0ee6ef4e6344969a5ad893b4
4f35efad14bd441063c58fff5a44e05a9497c91266ff5b4c48a9386288bbc886

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdba647c7-b8d3-4043-b8c8-caba179b5589.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4371
x-amzn-requestid: 4996a003-e275-4edb-a0a3-f5d7e72cd1ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLChFE_NoAMFYPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640117a0-31d3ea3b1e196aaa372dd016;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 6TMBH_aSock0V22r3Xt99HQs1N7qY65SsSyiYPrtXYAPW-l3d3lC7g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 3aed32068dbe2f7fb3a27284c9c26498.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 22:14:32 GMT
age: 57482
etag: "07cb3900b31e286c0ee6ef4e6344969a5ad893b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cb94071-e9a3-41a5-a749-2673fe94c69d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9807 bytes)
Hash
0434a796c70c1df5c82845eb5b19b8cb
0c84cf11487867cc6b9f955b12de4d6199804e4d
c43e2da686b91d44e8a619413c5439973246ce31722745d96c0a6a6286dad155

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cb94071-e9a3-41a5-a749-2673fe94c69d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9807
x-amzn-requestid: f855150d-9f03-40a3-a425-0704a4334db1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLC6uFzSoAMFzWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64011844-3db631d0459704b904a0701a;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:42:28 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Hit from cloudfront
x-amz-cf-id: dx5LohAarY33i0QOrqHSuzTOGoN5if6-pqPMn_8_FO3bMK-eCjJpDg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9c335c5f85533b11cbfd38dc7cc60c16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 22:14:40 GMT
age: 57474
etag: "0c84cf11487867cc6b9f955b12de4d6199804e4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8612
Expires: Fri, 03 Mar 2023 16:36:06 GMT
Date: Fri, 03 Mar 2023 14:12:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8612
Expires: Fri, 03 Mar 2023 16:36:06 GMT
Date: Fri, 03 Mar 2023 14:12:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8612
Expires: Fri, 03 Mar 2023 16:36:06 GMT
Date: Fri, 03 Mar 2023 14:12:34 GMT
Connection: keep-alive

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.2.3

209.126.103.109

200 OK

18 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.2.3
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (10019)
Size
18 kB (18468 bytes)
Hash
4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.2.3 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:48 GMT
Accept-Ranges: bytes
Content-Length: 18468
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

192.229.221.95

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
62f2bbc0f28540433c2835a9148fc521
c945a7081083793d44479f23586ae7ffc13eec61
345e98941235327764cc8ef002ac88f40e819aafcb6c9ba9ecf07ccdb3cbf935

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 29986
Cache-Control: max-age=108843
Content-Type: application/ocsp-response
Date: Fri, 03 Mar 2023 14:12:34 GMT
Etag: "6400915c-118"
Expires: Sat, 04 Mar 2023 20:26:37 GMT
Last-Modified: Thu, 02 Mar 2023 12:06:52 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 280

www.edoraseguros.com.br/wp-content/uploads/elementor/css/global.css?ver=1606159021

209.126.103.109

200 OK

19 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/elementor/css/global.css?ver=1606159021
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (14981)
Size
19 kB (19169 bytes)
Hash
e6b2808c8562a456ac6899270cb92bb0
3c7d79363f22330b905384bc46878b13e8c814bc
5715589d9f03a6843ddc031bce8bada77ef38fb07690aaf727478f1f23845eb2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1606159021 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 19:17:01 GMT
Accept-Ranges: bytes
Content-Length: 19169
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/themes/astra/assets/css/minified/style.min.css?ver=1.4.10

209.126.103.109

200 OK

92 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/themes/astra/assets/css/minified/style.min.css?ver=1.4.10
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (62977)
Size
92 kB (91499 bytes)
Hash
1d88d5884f2554c42fe4ba4c1ac267e4
082535fbe8555a9a661c5c5adef331b7de89eec7
c0187da6018204064ed124eedbe0727659142efcb2233e5fcf278f86ff5b3c63

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=1.4.10 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Thu, 30 Aug 2018 20:37:40 GMT
Accept-Ranges: bytes
Content-Length: 91499
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/uploads/elementor/css/post-426.css?ver=1601736553

209.126.103.109

200 OK

3.4 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/elementor/css/post-426.css?ver=1601736553
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (3395), with no line terminators
Size
3.4 kB (3395 bytes)
Hash
48135550067e1211c28736f6b272f546
1e6f615a5430d9d2d8e3a819033c1f5bcbe342d1
e3d5046b14a6f2f36fbef755a82607a3cb5f1715938b5b15401f08d909112f23

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-426.css?ver=1601736553 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Sat, 03 Oct 2020 14:49:13 GMT
Accept-Ranges: bytes
Content-Length: 3395
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4

209.126.103.109

200 OK

1.7 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text
Size
1.7 kB (1743 bytes)
Hash
ec96e53e57b5d34f762d567cdb29a312
33d59800f24b9967590354a7b47b37000dc5a5cc
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Mon, 17 Sep 2018 16:14:02 GMT
Accept-Ranges: bytes
Content-Length: 1743
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.2.3

209.126.103.109

200 OK

86 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.2.3
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65497)
Size
86 kB (86104 bytes)
Hash
aaaeef18294371617d605fc53dd0a87f
246264902f7693978adb62b34a9d3fc42bf485ca
d48f82fcad553ed485276360afc623c99e918d2096835e98497889e1f097dbf0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.2.3 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:48 GMT
Accept-Ranges: bytes
Content-Length: 86104
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7.min.css?ver=1.4.10

209.126.103.109

200 OK

1.2 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7.min.css?ver=1.4.10
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (1157), with no line terminators
Size
1.2 kB (1157 bytes)
Hash
12b106223a6e39aa680d2203fa45b4bd
277dd650f83aa0049cac928925f48e29f3354399
147eaa5bb4f677798026dcc639ac875b0135edd33be0cf8b91d9648162093d86

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7.min.css?ver=1.4.10 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 30 Aug 2018 20:37:40 GMT
Accept-Ranges: bytes
Content-Length: 1157
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.7.2

209.126.103.109

200 OK

28 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.7.2
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (28170), with no line terminators
Size
28 kB (28170 bytes)
Hash
a0e500d8f5d5f8b028bfbaa7c797234c
d8fd83ca943afbe669d588f08f60770295526614
841d5aa9fb627b9d4da90602fbcf04efee058d95485a3a4b288466f97ecd793a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.7.2 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 12 Oct 2018 19:01:28 GMT
Accept-Ranges: bytes
Content-Length: 28170
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.1.7

209.126.103.109

200 OK

172 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.1.7
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65493)
Size
172 kB (172032 bytes)
Hash
d77f3a77511e080ff31296093f1ebdfc
b6984d59e12dff0ff17d53d3a3a31d0e8e41325a
eaf775924ed29a796069502de0461ed470600d632185d8ed4134f78ea4f1dac8

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.1.7 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:11:40 GMT
Accept-Ranges: bytes
Content-Length: 172032
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/css/bootstrap.css?ver=4.9.22

209.126.103.109

200 OK

4.0 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/css/bootstrap.css?ver=4.9.22
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with CRLF line terminators
Size
4.0 kB (4009 bytes)
Hash
69f8c4a5c968e5c63443ac939f75ef97
8b26b4fe6114f2029ed04d71efdac6104805da67
0ca7de348cba17f8c0e05e9b5beb4aac48bb85be60bc53695954bf4401ebafbc

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/modal-for-elementor/css/bootstrap.css?ver=4.9.22 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 11 May 2018 00:10:52 GMT
Accept-Ranges: bytes
Content-Length: 4009
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.2.17

209.126.103.109

200 OK

243 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.2.17
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
243 kB (242706 bytes)
Hash
d8e6ec59ff9c7494a2a843cb3ce77814
e2708333fab610dd215516645f7b6ba0edb4c63e
b58b70ad9782c90bba89108be0ff99b00c66c56ae0dc78f94f332de8acd81843

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.2.17 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:34 GMT
Server: Apache
Last-Modified: Sat, 03 Oct 2020 13:18:59 GMT
Accept-Ranges: bytes
Content-Length: 242706
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/css/popup.css?ver=4.9.22

209.126.103.109

200 OK

1.0 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/css/popup.css?ver=4.9.22
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with CRLF line terminators
Size
1.0 kB (1043 bytes)
Hash
24368f1c1487c66ffc47b7ac1ba9e1e3
53410400e05c9c6407f28cbbc538728fe18e1d91
a69ee0d8c053943ff875fb34700d9fa2974793fd0e1d1883411a3cea721fa6e6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/modal-for-elementor/css/popup.css?ver=4.9.22 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 11 May 2018 00:10:52 GMT
Accept-Ranges: bytes
Content-Length: 1043
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/uploads/astra-addon/astra-addon-5fbc091be6edd2-63409265.css?ver=1.3.1

209.126.103.109

200 OK

38 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/astra-addon/astra-addon-5fbc091be6edd2-63409265.css?ver=1.3.1
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (38371), with no line terminators
Size
38 kB (38371 bytes)
Hash
5c5bd1c8a901c7f6a77da461a068d34b
2ca3bfa75ddf4739921103c26ee4f707bfa2cd5f
dc107cd689822082302417fd75c3c4de645158d60c70b67f6d4e8cd97b3951f3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/astra-addon/astra-addon-5fbc091be6edd2-63409265.css?ver=1.3.1 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 19:10:19 GMT
Accept-Ranges: bytes
Content-Length: 38371
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/themes/bwebhosting/style.css?ver=1.0.0

209.126.103.109

200 OK

468 B

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/themes/bwebhosting/style.css?ver=1.0.0
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text
Size
468 B (468 bytes)
Hash
4b534127beea30a3b6c2b925dda229ac
1517af401958c49682e621a1543f40f1c84cee0d
54291a19fa2cb5d0d7bfde1f0bed32296f01be13024008c19d776dd2acf15c17

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bwebhosting/style.css?ver=1.0.0 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 19:15:26 GMT
Accept-Ranges: bytes
Content-Length: 468
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1677849892

209.126.103.109

200 OK

1.3 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1677849892
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text
Size
1.3 kB (1340 bytes)
Hash
f2838b1ff6c3653d68b8e3dc78562a01
b983230ad7d50641e2be084e277cc4da201279bd
234443c5e8844e0a1ff549111e5e0313346b828aa05f6432af1ca750d971a1bb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1677849892 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 03 Mar 2023 13:24:52 GMT
Accept-Ranges: bytes
Content-Length: 1340
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/formcraft3/dist/form.css?ver=3.7.2

209.126.103.109

200 OK

64 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/formcraft3/dist/form.css?ver=3.7.2
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (63913), with no line terminators
Size
64 kB (63913 bytes)
Hash
e68cda1ddafeaafd003d213cc53309c6
41d9f0543cd7f069868942e175f06d797250e52f
b727ebcea31d2f596e341fdd56040917330e2c80e7f48bf84273249370fd6180

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/formcraft3/dist/form.css?ver=3.7.2 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 18:44:14 GMT
Accept-Ranges: bytes
Content-Length: 63913
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.edoraseguros.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

209.126.103.109

200 OK

10 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (9959)
Size
10 kB (10056 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 09:11:28 GMT
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4

209.126.103.109

200 OK

97 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (31997)
Size
97 kB (96874 bytes)
Hash
dc5ba5044fccc0297be7b262ce669a7c
f137ff98ae379e35b0702967d3b6866a0a40e3be
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 05 Sep 2019 08:20:14 GMT
Accept-Ranges: bytes
Content-Length: 96874
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/jquery.cookie.js

209.126.103.109

200 OK

3.1 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/jquery.cookie.js
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text
Size
3.1 kB (3095 bytes)
Hash
1e3faa7fc49484964ecae46ca9494f35
bfe7d4d0c3bfb70871cab51bd8f462ca78a38ad3
13161f845883ddc67c4adec84919b2350c3ab125c5c4263dbb736594c54ccd71

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/modal-for-elementor/js/jquery.cookie.js HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 11 May 2018 00:10:52 GMT
Accept-Ranges: bytes
Content-Length: 3095
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/js/public.js?ver=2.1.5

209.126.103.109

200 OK

12 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/js/public.js?ver=2.1.5
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with CRLF line terminators
Size
12 kB (11778 bytes)
Hash
cbbb070dc95a8cbeb67f7eb5ac548eda
72ab13432ebeaa16f71012a329261432e25d03b4
0816011ecaaafa7f51b5472cccd4dbabf591c735215c17874fd9fc5733f7fc43

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpt-whatsapp/assets/js/public.js?ver=2.1.5 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Mon, 17 Sep 2018 17:30:26 GMT
Accept-Ranges: bytes
Content-Length: 11778
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22

209.126.103.109

200 OK

12 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (9063)
Size
12 kB (11943 bytes)
Hash
fe0575b66568074463f12485d90f6d4c
aeedd9ab3b7874e63f647042963cb1301a38b391
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.22 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 05:09:21 GMT
Accept-Ranges: bytes
Content-Length: 11943
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/themes/astra/assets/js/minified/style.min.js?ver=1.4.10

209.126.103.109

200 OK

9.2 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/themes/astra/assets/js/minified/style.min.js?ver=1.4.10
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (9179), with no line terminators
Size
9.2 kB (9179 bytes)
Hash
8851a35109094348e6e41c535e94fc07
a183517d182cb986f4c8e616d61b6e9db3c738c3
95da09c594a6b758d7ec0867a7db317cbf3507d3b705051c10d88b531f145bc8

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/astra/assets/js/minified/style.min.js?ver=1.4.10 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 30 Aug 2018 20:37:40 GMT
Accept-Ranges: bytes
Content-Length: 9179
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4

209.126.103.109

200 OK

15 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text
Size
15 kB (14710 bytes)
Hash
4fd769dd0d168d4af82c7db048af866b
d82c97e09e8d4ca64160aff9345e0a448c8c7759
2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Mon, 17 Sep 2018 16:14:02 GMT
Accept-Ranges: bytes
Content-Length: 14710
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/bootstrap.js

209.126.103.109

200 OK

12 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/bootstrap.js
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with CRLF line terminators
Size
12 kB (11494 bytes)
Hash
4abd6da8236bb919cae76a66948062fc
f8fb78f2a3f44953f3ebbf689f33fb8c40ffb207
b22fa005ca36d0af3f97bc74d18887ae59ab43d01d99d4ac2cd8de4e19503b09

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/modal-for-elementor/js/bootstrap.js HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 11 May 2018 00:10:52 GMT
Accept-Ranges: bytes
Content-Length: 11494
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/popup.js

209.126.103.109

200 OK

759 B

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/modal-for-elementor/js/popup.js
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with CRLF line terminators
Size
759 B (759 bytes)
Hash
b8fe43aceb1f8be26dcd2511295ed0d4
ad91ca3fb337a9588152d954ea63e3bea0e2e257
b17f25545b48d3697001c1bac9496df71aacf26f443f00221044e582e6259796

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/modal-for-elementor/js/popup.js HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 11 May 2018 00:10:52 GMT
Accept-Ranges: bytes
Content-Length: 759
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/uploads/astra-addon/astra-addon-5fbc091be719d2-48259273.js?ver=1.3.1

209.126.103.109

200 OK

17 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/astra-addon/astra-addon-5fbc091be719d2-48259273.js?ver=1.3.1
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (16801), with no line terminators
Size
17 kB (16801 bytes)
Hash
a00b62652bb6d5d7ca0b119778c6ccc0
d247726b39a7ecb7387955e47854d47ea78354e3
b1e2a8ab144d238a014228cfe26d7c27724ec648ad6db12b335090b2ed2f3451

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/astra-addon/astra-addon-5fbc091be719d2-48259273.js?ver=1.3.1 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 19:10:19 GMT
Accept-Ranges: bytes
Content-Length: 16801
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-includes/js/wp-embed.min.js?ver=4.9.22

209.126.103.109

200 OK

1.4 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-includes/js/wp-embed.min.js?ver=4.9.22
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=4.9.22 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 05:09:21 GMT
Accept-Ranges: bytes
Content-Length: 1391
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/slick/slick.min.js?ver=1.8.1

209.126.103.109

200 OK

43 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/slick/slick.min.js?ver=1.8.1
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (42862)
Size
43 kB (42863 bytes)
Hash
d5a61c749e44e47159af8a6579dda121
3b41b3bc956685015a347a2238e71db29dfa0dbb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/slick/slick.min.js?ver=1.8.1 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:48 GMT
Accept-Ranges: bytes
Content-Length: 42863
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.1.7

209.126.103.109

200 OK

6.4 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.1.7
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (6431), with no line terminators
Size
6.4 kB (6431 bytes)
Hash
8b47296db08ac20dfb83be099d46b62a
3636d72d208dad253acd63df8411f9accce94585
eab347af732bc8b6dff914e54ff3e5dec6a84e8aa8315c2f9b64c17978f80fae

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.1.7 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:11:34 GMT
Accept-Ranges: bytes
Content-Length: 6431
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.1.7

209.126.103.109

200 OK

42 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.1.7
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (42121)
Size
42 kB (42164 bytes)
Hash
32dc6e6f9b135bf0d862bea888b7ed3e
f38c5b70f4e01902f7d6b93c81d22c7276e0676b
9bc1462f66e10c5a27f3bc382bc54ab6fa2f2579974beab9d6d34e3647170d59

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.1.7 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:11:40 GMT
Accept-Ranges: bytes
Content-Length: 42164
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4

209.126.103.109

200 OK

6.4 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (6219)
Size
6.4 kB (6440 bytes)
Hash
69fcee92fd1ccaa65d2e0610862fbeaf
fb756249e3a56d678c35d2848959133b727e92b7
dd5bb66bac9f2d27689f537a7beaf5630134204e7327c42c066f0b64717fb3d3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 05:09:21 GMT
Accept-Ranges: bytes
Content-Length: 6440
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.5.0

209.126.103.109

200 OK

10 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.5.0
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (10036)
Size
10 kB (10173 bytes)
Hash
d19e74e9036ed25483f4f8711d3365b4
f82b09dc73ff9b74c8f92937f9b964d162462ac7
bb92671e222be4c74260c32dae506732545aa1ccd87ed9b7eb6ff42d915a741e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.5.0 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:48 GMT
Accept-Ranges: bytes
Content-Length: 10173
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

209.126.103.109

200 OK

12 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (12198), with no line terminators
Size
12 kB (12198 bytes)
Hash
3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:48 GMT
Accept-Ranges: bytes
Content-Length: 12198
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.2.3

209.126.103.109

200 OK

36 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.2.3
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (36128)
Size
36 kB (36167 bytes)
Hash
1ecf58f9cfa2c0bb2647709717fe06f8
5d2712417e3e0546bb836b84290c3840bc0cad1b
e3ea2203d54a93fbf171653586bc85cd2eab3da54c824043f157f1d4ef72abb9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.2.3 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:56 GMT
Accept-Ranges: bytes
Content-Length: 36167
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.2.17

209.126.103.109

200 OK

53 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.2.17
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (52795), with no line terminators
Size
53 kB (52795 bytes)
Hash
4e59061d7ad08f426b0eea2054e83ff2
d5c4b6933833e3d951c7ae685579f320d2756d36
38a930f5f7db4bf0145cfaf542bca5354b9df90a65a7f699ff324b081b14d9fc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.2.17 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Sat, 03 Oct 2020 13:18:59 GMT
Accept-Ranges: bytes
Content-Length: 52795
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/uploads/2020/11/MuseoSans.otf

209.126.103.109

200 OK

62 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2020/11/MuseoSans.otf
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
OpenType font data\012- data
Size
62 kB (62504 bytes)
Hash
62c0135163427c652ae397f327f85010
bd0ccc06565f4cc438421bd6f101456815925034
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/11/MuseoSans.otf HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 13 Nov 2020 19:23:13 GMT
Accept-Ranges: bytes
Content-Length: 62504
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/otf

www.edoraseguros.com.br/wp-content/themes/astra/assets/fonts/astra.woff

209.126.103.109

200 OK

3.3 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/themes/astra/assets/fonts/astra.woff
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Size
3.3 kB (3304 bytes)
Hash
bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 30 Aug 2018 20:37:40 GMT
Accept-Ranges: bytes
Content-Length: 3304
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3

209.126.103.109

200 OK

123 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65275)
Size
123 kB (122695 bytes)
Hash
00e93736ce410d9a36fb7d376a6524c4
476c60b640e5a4cdc8aa04eda4750d914419d068
4715ff946aa9fdcf7e3385799a479fc6c5d88e6d070f0c62aaf473e5f791fa41

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:48 GMT
Accept-Ranges: bytes
Content-Length: 122695
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

209.126.103.109

200 OK

77 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 17:15:48 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff2

www.edoraseguros.com.br/wp-content/uploads/2020/11/Edora_Seguros-160x74.png

209.126.103.109

200 OK

3.8 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2020/11/Edora_Seguros-160x74.png
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
PNG image data, 160 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3828 bytes)
Hash
6a4145d8f3b2f8daf778b18cd3a341e4
ce1cf27e9f09c89e8ca2bdddb1bd8ce4e01ff5ed
b793fc22959ae378d0f6b7afc16f1597d0912627d63e1ed2b438419985561052

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/11/Edora_Seguros-160x74.png HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Fri, 13 Nov 2020 20:11:37 GMT
Accept-Ranges: bytes
Content-Length: 3828
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

www.edoraseguros.com.br/wp-content/uploads/2018/09/01.jpg

209.126.103.109

200 OK

72 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2018/09/01.jpg
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, progressive, precision 8, 959x959, components 3\012- data
Size
72 kB (72189 bytes)
Hash
0930718a4be6b5094da683073f821300
a1af689dcfd3b0d004fe9714b30d92c07a8b8bab
9eff65c27b206c05fbf959a962dc842d6a8967671e098b24e20545a3441d5924

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/09/01.jpg HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 17:01:20 GMT
Accept-Ranges: bytes
Content-Length: 72189
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.edoraseguros.com.br/wp-content/uploads/2018/09/02.jpg

209.126.103.109

200 OK

117 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2018/09/02.jpg
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, progressive, precision 8, 720x720, components 3\012- data
Size
117 kB (116697 bytes)
Hash
d222b1676348241b2057f10bf2b1963e
7b5ff43f972e34c308ba5c2b7cecfa6b6d297371
87423b44213862bd94d8feccb1e97f51e1811c92ebff02bb4ae81afd151a3f71

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/09/02.jpg HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 17:18:10 GMT
Accept-Ranges: bytes
Content-Length: 116697
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

www.edoraseguros.com.br/wp-content/uploads/2018/09/03.jpg

209.126.103.109

200 OK

61 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2018/09/03.jpg
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x960, components 3\012- data
Size
61 kB (60562 bytes)
Hash
cc2657a775c2bdb5776d120a0d8c9eec
589589bea454af66642e8e4c211bc6bafe2936fe
d3fd9ddbb8ea8bbfa2c2e98583b88ce0d11441343b89e9bd9f76a720b6c14cd9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/09/03.jpg HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 17:33:04 GMT
Accept-Ranges: bytes
Content-Length: 60562
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.edoraseguros.com.br/wp-content/uploads/2018/09/04.jpg

209.126.103.109

200 OK

119 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2018/09/04.jpg
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x949, components 3\012- data
Size
119 kB (119006 bytes)
Hash
78e38ef12e1cf61b55f887aec7686b45
65539c6a9ddcab91e789c50eb4e73d9f26e3606b
f9a3d66cc029ce4d89f08939c9b152313b3d63ac4f842b5fb594b689698895a1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/09/04.jpg HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 22:00:54 GMT
Accept-Ranges: bytes
Content-Length: 119006
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.edoraseguros.com.br/wp-content/uploads/2018/09/05.jpg

209.126.103.109

200 OK

95 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2018/09/05.jpg
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, progressive, precision 8, 960x958, components 3\012- data
Size
95 kB (94786 bytes)
Hash
cf0dbedd18ad38b5b8ef5af13b36f2e3
8f2727cfa469cd1d0a28e3fe2005b3f6ec0d99fc
4840b7680296b79faabce7eae885759d349639bf26e8c3cebfe31ab5f03d7862

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/09/05.jpg HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 22:02:46 GMT
Accept-Ranges: bytes
Content-Length: 94786
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg

www.edoraseguros.com.br/wp-content/uploads/2018/09/07.jpg

209.126.103.109

200 OK

33 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2018/09/07.jpg
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 564x619, components 3\012- data
Size
33 kB (33217 bytes)
Hash
ff149430d1d1e985e938d11fc5054396
8224a830413fc64b46c4077490ac3945f8b18272
a25e303d31c45ab65fa27893f8dd7b4f24bb9a33c60b65fe3015d160c6222dd4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/09/07.jpg HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 22:06:16 GMT
Accept-Ranges: bytes
Content-Length: 33217
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

www.edoraseguros.com.br/wp-content/uploads/2018/09/06.jpeg

209.126.103.109

200 OK

366 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2018/09/06.jpeg
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 713x1213, components 3\012- data
Size
366 kB (366057 bytes)
Hash
0ee741aca80e3086af63f4a32d982e41
d080ff468528142d0865c4cd5b15caf360fd0e2f
a7cd3a167b97a682073b5fa875dcabe27a09645f099c630c94180d74e5e3d708

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/09/06.jpeg HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 22:04:12 GMT
Accept-Ranges: bytes
Content-Length: 366057
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.edoraseguros.com.br/wp-admin/admin-ajax.php

209.126.103.109

200 OK

502 B

URL HTTP/1.1
www.edoraseguros.com.br/wp-admin/admin-ajax.php
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
502 B (502 bytes)
Hash
7f357e8b02714dfb935748c4e75d77a2
13cc8247d4fa48b21db55a41e848febb013fe44a
1b77b279321b5980d39404f883c4ece8ffba541f542aae81c25fe81053838a0f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 184
Origin: https://www.edoraseguros.com.br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:35 GMT
Server: Apache
Access-Control-Allow-Origin: https://www.edoraseguros.com.br
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.edoraseguros.com.br/wp-content/uploads/2020/11/cropped-edora_icon-32x32.png

209.126.103.109

200 OK

829 B

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2020/11/cropped-edora_icon-32x32.png
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
829 B (829 bytes)
Hash
b0495dbcc7b79d8f692517f6f788892b
98b78b851123b11aee9293a74029d7574efb334a
3aae33559f4b4f4c5a8f516a2880801388f6bdf70765904a13ad36e2a4f75bb7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/11/cropped-edora_icon-32x32.png HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:36 GMT
Server: Apache
Last-Modified: Fri, 13 Nov 2020 19:19:44 GMT
Accept-Ranges: bytes
Content-Length: 829
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

www.edoraseguros.com.br/wp-content/uploads/2020/11/cropped-edora_icon-192x192.png

209.126.103.109

200 OK

7.6 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/uploads/2020/11/cropped-edora_icon-192x192.png
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
7.6 kB (7636 bytes)
Hash
dcb88bedd42e4eafc7c0f4136d90b576
ba2dcf442970c4d076a78b045d5a0453964ba99c
4d1335992db0fabd8c989adf26f127aebe03676a9229cc08bba17d3728c145b4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/11/cropped-edora_icon-192x192.png HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/cgi-bin/jQNq9wlH1GXU/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:36 GMT
Server: Apache
Last-Modified: Fri, 13 Nov 2020 19:19:44 GMT
Accept-Ranges: bytes
Content-Length: 7636
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/images/logo-green-small.png

209.126.103.109

200 OK

6.9 kB

URL HTTP/1.1
www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/images/logo-green-small.png
IP
209.126.103.109:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6890 bytes)
Hash
3e4f87b63d42ab26642dbeca33689f38
71242d0b1998e8f18ce256d95e396f78b4fef646
0452c822ddcc5508d0a5f1326162578781cd0daf27d338d366fbc6821194e7e4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpt-whatsapp/assets/images/logo-green-small.png HTTP/1.1
Host: www.edoraseguros.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/wp-content/plugins/wpt-whatsapp/assets/css/public.css?ver=2.1.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Mar 2023 14:12:36 GMT
Server: Apache
Last-Modified: Mon, 17 Sep 2018 17:30:26 GMT
Accept-Ranges: bytes
Content-Length: 6890
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

use.fontawesome.com/releases/v5.1.0/js/v4-shims.js?ver=4.9.22

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.1.0/js/v4-shims.js?ver=4.9.22
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.1.0/js/v4-shims.js?ver=4.9.22 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Mar 2023 14:12:34 GMT
content-type: application/javascript
x-amz-id-2: bxVAw8kK74Hsq2oN1GMvdTga2Bu4kAU8SxnwURjsOCA5lp4ScraKXlEs818+MSYvEizHGrrjsPk=
x-amz-request-id: NKMS4SJGGJSJXKDV
last-modified: Wed, 30 Jun 2021 15:30:32 GMT
etag: W/"88238d38a876234b6c4ae00ac1a784f2"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2274405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIgkgPT2owdzUW4vrTBNm1UzsDXMSEoY3vwtYzXZaeU8jerK87Hnmsz5nmyUdoKwfnZsOL7dagOI42rBT0FyqjXow3RZKq%2Fkf0eD95V%2BlQzKkMXCrjC5T%2FK6LwLce1xJB1Rlto90"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a2279a5a89d24e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.1.0/js/all.js?ver=4.9.22

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.1.0/js/all.js?ver=4.9.22
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.1.0/js/all.js?ver=4.9.22 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edoraseguros.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Mar 2023 14:12:34 GMT
content-type: application/javascript
x-amz-id-2: vMBVPrDCC5vruln/bmf2afgDXcAxm84Yl8fweDAxmjfY0F/JHRnkYaHHETgb6TgB8I5nVgZmwLE=
x-amz-request-id: BMNPBY65T28W8DAT
last-modified: Wed, 30 Jun 2021 15:30:32 GMT
etag: W/"004993df80280fa6c4af6ca17c4e5433"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2267720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FGNMYtVvR194IEPDW9BRkgeFGNsx3S%2B36kI9vKQdop97gsjv6E1SR%2BAzWV3bmIMTU2MoawOCeC4vSCsMkHLsae6Dt7iQYQ8pumsx7cY4xAwP8Wr6GzlnVpCHSEAVi1LqgK5b1a3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a2279a5b8c324e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML