| 2via.co/SeaoMnMo | 20.195.230.98 | 302 Found | 137 B |
URL: 2via.co/SeaoMnMo (user request, GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hashes: MD5 d8a2ba2e1605fddf1e2ee4cf1533e83e; SHA-1 1ffdeb8c109cf30ebc24ad21956975ea336724ce; SHA-256 e3fb4328040670b5d86eca1ff2023af89758c5b3bed34ae13f911b110432e1ed

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /SeaoMnMo HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: private
content-type: text/html; charset=utf-8
location: /Principal/Selecione
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:05 GMT
content-length: 137
X-Firefox-Spdy: h2
| 2via.co/Principal/Selecione | 20.195.230.98 | 200 OK | 4.1 kB |
URL: 2via.co/Principal/Selecione (user request, GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hashes: MD5 876012f05b135f785ba683aa631a0f7e; SHA-1 0ee12555e3d826c793aae57d864cc69f700fa137; SHA-256 5d6105e59d9140657727423c29257714fa2eef2b109006ad810da1d351b31ffd

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Principal/Selecione HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:05 GMT
content-length: 4123
X-Firefox-Spdy: h2
| 2via.co/Scripts/jquery-3.3.1.min.js | 20.195.230.98 | 200 OK | 30 kB |
URL: 2via.co/Scripts/jquery-3.3.1.min.js (GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Hashes: MD5 378087a64e1394fc51f300bb9c11878c; SHA-1 0c3192b500a4fd550e483cf77a49806a5872185b; SHA-256 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Scripts/jquery-3.3.1.min.js HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2via.co/Principal/Selecione
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 19:54:18 GMT
accept-ranges: bytes
etag: "0911668f867d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:05 GMT
content-length: 30401
X-Firefox-Spdy: h2
| 2via.co/Content/fonts.css | 20.195.230.98 | 200 OK | 553 B |
URL: 2via.co/Content/fonts.css (GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hashes: MD5 8ad0ce9d5c7822a386e00999fa4fb24c; SHA-1 0e97c93119bdc179ca92a841f4d28fbc9ee01561; SHA-256 22ecb27c25e4a5f76452668503f480d78de4f4776496a2da788a0ba155236e30

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Content/fonts.css HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2via.co/Principal/Selecione
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 19:54:18 GMT
accept-ranges: bytes
etag: "0911668f867d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:05 GMT
content-length: 553
X-Firefox-Spdy: h2
| 2via.co/Content/bootstrap.min-2.css | 20.195.230.98 | 200 OK | 25 kB |
URL: 2via.co/Content/bootstrap.min-2.css (GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (748), with CRLF line terminators
Hashes: MD5 5acdb396b22a487bdfed26f4be34115d; SHA-1 b8fe2cbda8ae7a7cd986eab4ebd2cc89334fff7d; SHA-256 baaa5f1c9626a471176468b09fac1a6709f56300cd3ec4bc1fc50b240320c5b2

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Content/bootstrap.min-2.css HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2via.co/Principal/Selecione
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 19:54:18 GMT
accept-ranges: bytes
etag: "0911668f867d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:05 GMT
content-length: 24621
X-Firefox-Spdy: h2
| 2via.co/Content/padrao.css | 20.195.230.98 | 200 OK | 2.3 kB |
URL: 2via.co/Content/padrao.css (GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: ASCII text, with very long lines (8812), with CRLF line terminators
Hashes: MD5 fdb3ef726cd48e6f0fa518f4dc82a7c8; SHA-1 1c89309467a9aa19c18d59905b0ca8ff11c138ab; SHA-256 d66aa364ae8daabe896a314f3561f430f0487135d340268c7419aa607f566a35

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Content/padrao.css HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2via.co/Principal/Selecione
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 19:54:18 GMT
accept-ranges: bytes
etag: "0911668f867d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:05 GMT
content-length: 2317
X-Firefox-Spdy: h2
| 2via.co/Content/images/logopadrao.jpg | 20.195.230.98 | 200 OK | 4.8 kB |
URL: 2via.co/Content/images/logopadrao.jpg (GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 275x103, components 3
Hashes: MD5 8841fbfbd04a871269446c9e7b5c1aab; SHA-1 fd701ed02ab58bd86ecd4e4e48019c58ee33c287; SHA-256 72d103c2d6dd62b0092861f34b69051f122cf3f7e9bb284e430757b288d28c35

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Content/images/logopadrao.jpg HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2via.co/Principal/Selecione
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 05 Apr 2023 19:54:18 GMT
accept-ranges: bytes
etag: "62be6668f867d91:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:05 GMT
content-length: 4808
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 142.250.74.99 | 200 OK | 23 kB |
URL: fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh6UVSwiPGQ.woff2 (GET, HTTP/2)
IP: 142.250.74.99:443
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 22992, version 1.0
Hashes: MD5 1efbd38aa76ddae2580fedf378276333; SHA-1 8a49976f2470ba2a1db6144245355d3b889312e4; SHA-256 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
GET /s/lato/v15/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://2via.co/
Origin: https://2via.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22992
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 04:32:24 GMT
expires: Wed, 23 Apr 2025 04:32:24 GMT
cache-control: public, max-age=31536000
age: 135163
last-modified: Mon, 25 Mar 2019 20:11:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh7USSwiPGQ.woff2 | 142.250.74.99 | 200 OK | 23 kB |
URL: fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh7USSwiPGQ.woff2 (GET, HTTP/2)
IP: 142.250.74.99:443
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23248, version 1.0
Hashes: MD5 98d8cf792834c0bef59c2be99dc3533d; SHA-1 f48e6d698147781b82f573a71f904355274015cd; SHA-256 9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
GET /s/lato/v15/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://2via.co/
Origin: https://2via.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:32:51 GMT
expires: Fri, 18 Apr 2025 17:32:51 GMT
cache-control: public, max-age=31536000
age: 520336
last-modified: Mon, 25 Mar 2019 20:11:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| 2via.co/Scripts/bootstrap.4.1.3.min.js | 20.195.230.98 | 200 OK | 14 kB |
URL: 2via.co/Scripts/bootstrap.4.1.3.min.js (GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: JavaScript source, ASCII text, with very long lines (50758), with CRLF line terminators
Hashes: MD5 e47a9d976663a4ce4db5961af909eb58; SHA-1 12ca7264086b9e543605395947c6671edde9ac80; SHA-256 4f3faeec469294b610f6ca82aa1cc2b3368fd56611b31c551c2ee224feadb411

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Scripts/bootstrap.4.1.3.min.js HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2via.co/Principal/Selecione
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 28 Apr 2023 20:03:35 GMT
accept-ranges: bytes
etag: "80459683c7ad91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:05 GMT
content-length: 14104
X-Firefox-Spdy: h2
| 2via.co/Scripts/scripts.js | 20.195.230.98 | 200 OK | 1.5 kB |
URL: 2via.co/Scripts/scripts.js (GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hashes: MD5 2506679574442a9576ea084afac5bb9e; SHA-1 0541fba43dff50b57560bfdb57a5233c37273d17; SHA-256 d40f541ea13b8a8f20a9fe3709e1108e83176b79d91e9b444cc118f985b981db

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Scripts/scripts.js HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2via.co/Principal/Selecione
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 18:10:27 GMT
accept-ranges: bytes
etag: "806bf555381eda1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:05 GMT
content-length: 1501
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/lato/v15/S6uyw4BMUTPHjx4wXg.woff2 | 142.250.74.99 | 200 OK | 24 kB |
URL: fonts.gstatic.com/s/lato/v15/S6uyw4BMUTPHjx4wXg.woff2 (GET, HTTP/2)
IP: 142.250.74.99:443
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23484, version 1.0
Hashes: MD5 b4d2c4c39853ee244272c04999b230ba; SHA-1 c82e22dde9716c40ba20e6c7ed03a1b66556de15; SHA-256 c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
GET /s/lato/v15/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://2via.co/
Origin: https://2via.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 05:26:25 GMT
expires: Wed, 23 Apr 2025 05:26:25 GMT
cache-control: public, max-age=31536000
age: 131922
last-modified: Mon, 25 Mar 2019 20:11:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh50XSwiPGQ.woff2 | 142.250.74.99 | 200 OK | 23 kB |
URL: fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh50XSwiPGQ.woff2 (GET, HTTP/2)
IP: 142.250.74.99:443
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 22572, version 1.0
Hashes: MD5 947e87c53b5765bfc8982613ccd789e9; SHA-1 521905bb4c4ce849285620eb0db5969d14d557ba; SHA-256 7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
GET /s/lato/v15/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://2via.co/
Origin: https://2via.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22572
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 06:12:06 GMT
expires: Fri, 18 Apr 2025 06:12:06 GMT
cache-control: public, max-age=31536000
age: 561181
last-modified: Mon, 25 Mar 2019 20:11:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| 2via.co/Content/images/bg-home.jpg | 20.195.230.98 | 200 OK | 176 kB |
URL: 2via.co/Content/images/bg-home.jpg (GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1948x1080, components 3
Size: 176 kB (175783 bytes)
Hashes: MD5 9a164c319c426537900b767d86f1ccd8; SHA-1 c43d382a3f18a431454485bb8b1358d9e56377d5; SHA-256 a7a394a47063949357c069784ec57eaa85332297cb16deafe920ee014a2b5894

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Content/images/bg-home.jpg HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2via.co/Content/padrao.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 05 Apr 2023 19:54:18 GMT
accept-ranges: bytes
etag: "5b436468f867d91:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:06 GMT
content-length: 175783
X-Firefox-Spdy: h2
| 2via.co/Content/fonts/mcenter.woff | 20.195.230.98 | 200 OK | 4.2 kB |
URL: 2via.co/Content/fonts/mcenter.woff (GET, HTTP/2)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: Web Open Font Format, CFF, length 4212, version 1.0
Hashes: MD5 d41eac7015f04784b0354933b2ecd526; SHA-1 6d3a32c89e3162411499abd2b11fb31a23612229; SHA-256 f0a60f93829cdf1f2fde657b720bd2873aff5af69e2e977a7b555ab5427e139e

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /Content/fonts/mcenter.woff HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://2via.co/Content/padrao.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
last-modified: Wed, 05 Apr 2023 19:54:18 GMT
accept-ranges: bytes
etag: "853b6068f867d91:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:06 GMT
content-length: 4212
X-Firefox-Spdy: h2
| 2via.co/favicon.ico | 20.195.230.98 | 200 OK | 32 kB |
URL: 2via.co/favicon.ico (GET)
IP: 20.195.230.98:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://2via.co/Principal/Selecione
Certificate: issuer Let's Encrypt; subject 2via.co; fingerprint 90:80:3C:B5:1E:E4:A1:45:90:61:23:09:C1:A4:90:FA:AB:9A:EF:90; validity Sat, 13 Apr 2024 21:00:38 GMT - Fri, 12 Jul 2024 21:00:37 GMT
File type: MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hashes: MD5 4859e39ae6c0f1f428f2126a6bb32bd9; SHA-1 1c0c85678ae963bc96d0b7fbe1eb89074cf1fbe0; SHA-256 a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 2via.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2via.co/Principal/Selecione
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
last-modified: Wed, 05 Apr 2023 19:54:18 GMT
accept-ranges: bytes
etag: "323ca668f867d91:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-security-policy: default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security: max-age=31536000;includeSubdomains
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:05:06 GMT
content-length: 32038
X-Firefox-Spdy: h2