r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3868
Expires: Fri, 30 Sep 2022 07:33:25 GMT
Date: Fri, 30 Sep 2022 06:28:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 06:16:05 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T6Zk0HxEG7VC_E1cXtyzJ6qq7Rq6Pf72769Q5p7P_eciEuiPxmxRag==
Age: 772
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ivTeCbuRdKuqcFrMKvWui7tb7oXwPxI4yCJCdD9a_XFIQ9S3HKUL9Q==
age: 3630
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 06:28:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 05:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 05:51:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vaWKV-G87LTCFhMrpUOIvjnczPPOj0EDYJ_Dj1V073imkSrL86ZZqA==
Age: 3564
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
162.241.60.105 200 OK 55 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12698), with CRLF line terminators
Hash cdf6251bbbacfc9338389852ad8773fe
6140017da2e3b23b61425a60155b084e86981bcc
c3abe03004018d0de8c05ee9da1fd57826c3c237167630df1340d5c4ae9f389a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/upgrade/dashboard/card.php?cmd= HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:56 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519336915523
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f09cb223e3dc028c58cf32c2274c3766
ca7f1663a1200941986e786353ed2f3ff50bd0b2
9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4953
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 06:28:57 GMT
Last-Modified: Fri, 30 Sep 2022 05:06:24 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/s94156880752687.js
162.241.60.105 200 OK 1.3 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/s94156880752687.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4010)
Hash 45d56fe0afe17d104aeedba93a637ac4
b976e339b8cbb7990ccf21e1f80fab11a16c25c6
c6375806f6589789620e3c5bc7b3a6c67bf525dff15e87486e1f2c1ddef3c5c5
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/s94156880752687.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519337737458
Content-Length: 1347
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/a
162.241.60.105 200 OK 7.3 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/a
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6749)
Hash 4e858f13f272e425b30328e401971e36
66477693677f36d7608076b7f8387a1a6d16d091
6fcb5dbe22360fc43bb796b393119b1c1fe73a8ce2ec75e9bbb0f1c2964855af
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/a HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:57 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Content-Length: 7250
Vary: User-Agent
X-Generated: t=1664519337815664
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/AppMeasurement_Module_AudienceManagement.js
162.241.60.105 200 OK 11 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/AppMeasurement_Module_AudienceManagement.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, ASCII text, with very long lines (24962)
Hash f9861fe6306a4440ab36c596685a1ae4
a81a22945e5a8cdceb288aef4fd28db207d546da
4a8fe05a9638e825e453e5561ff56c5db2361c58414362a1617086f88a7b31bf
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/AppMeasurement_Module_AudienceManagement.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:57 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519337862811
Content-Length: 10876
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC5c7ea78b436c45038bcc61c2a198e02e-source.js
162.241.60.105 200 OK 1.1 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC5c7ea78b436c45038bcc61c2a198e02e-source.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2226)
Hash f69500055c5d9fc89cd1c3b9c248ed74
fa3a4050abc4efb1b932d5d96f952b451a3e3538
43f6ecfc240388eb5bc375f8f568a9b69a3010c4b30ac813b32aef61c366629d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/RC5c7ea78b436c45038bcc61c2a198e02e-source.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:57 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519337940404
Content-Length: 1100
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/AppMeasurement.js
162.241.60.105 200 OK 15 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/AppMeasurement.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32766)
Hash ec915b6a3b95fb6c30e0617c4759a78f
4151f5e7fc41e9e20a522f7fd2c63699e37360e0
4bb349d0a5a549c873c2f1f7093131e7b4fb26eddcbfd84769b0f2041b42296f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/AppMeasurement.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519337863257
Content-Length: 14928
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
162.241.60.105 200 OK 34 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (46290)
Hash 0b75e309ae3a1c260a39f10b2bebc3dd
25d71a0e479330848e9db0cbdd99d369d8be0b49
37f6a40f8f1b5309614e01d0e1ea6c5dc0fa44cbe14e46a0b64f0f84ac8eeee2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/styles.css HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 18 May 2022 18:44:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519337858573
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
push.services.mozilla.com/
52.27.12.161 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R2Bga0bzZUy+9bzu8djvIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Oc8NeR4LksB8fOjwm0hYEq1HDK0=
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC1e56fd697cbd42fa97a5bcfe3f3781c1-source.js
162.241.60.105 200 OK 1.7 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC1e56fd697cbd42fa97a5bcfe3f3781c1-source.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3243)
Hash 9fcd0c63701bd20f58a8cf86e7f1a904
0be4a6ac011f523151e27576b529c9b75d6a5cba
6972c7b59ad9f96f6fa4cfb96161f70a025d9f4bb2605b97e9e788d144d7cfc9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/RC1e56fd697cbd42fa97a5bcfe3f3781c1-source.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:57 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519337990873
Content-Length: 1671
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 707ae9fcdd83ff2684b843a21df14785
b32e881855867f5436205cca76f1f75062dbedf0
9b8c1f6775cc9961816ab6c78a406036ff4e1278141f3950868bc6dfc87fe3fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 06:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/tag.js
162.241.60.105 200 OK 9.1 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/tag.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21652), with no line terminators
Hash ff5a1baedd30f131b97f3c012245e423
750abb823d81773ea6546d93dff844a1752cfe20
db6299bc5bc23671fc25dd62a5acd79d69a9cbc10d0d6a4052aee8f30b8d6e62
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/tag.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338066374
Content-Length: 9066
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RCab335366d32142a3a4f86ea7712fe501-source.js
162.241.60.105 200 OK 789 B URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RCab335366d32142a3a4f86ea7712fe501-source.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2194)
Hash 6249dfb113ee405720d19b2b3663235e
dba797d67a3ddfbb3c3ff3f9c0ec50f7668c2577
2cde5b90891234e272c591f23325db4dfb07233e11dd94f7431c923e5a972423
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/RCab335366d32142a3a4f86ea7712fe501-source.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338106898
Content-Length: 789
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/12.js
162.241.60.105 200 OK 22 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/12.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56331), with no line terminators
Hash 3e4b29b865aa49e223ff906a2fc00968
015597535d3165029c4e4b9a763948b1b6986277
7750dbca7ce90bca77f925bdc3b194138c82fd4b3bed52553938761c77c92e79
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/12.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338110808
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 707ae9fcdd83ff2684b843a21df14785
b32e881855867f5436205cca76f1f75062dbedf0
9b8c1f6775cc9961816ab6c78a406036ff4e1278141f3950868bc6dfc87fe3fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 06:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC43d94eaa55c14bc4b5c3550f47c01195-source.js
162.241.60.105 200 OK 1.3 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC43d94eaa55c14bc4b5c3550f47c01195-source.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3874)
Hash afc2d4050b923291e3e6ffd9835e433b
d9c87d165ae943bd6d1f1d95803696e1fe63d344
4a2485286e3e8c31b7132238ff0f507d237657165f8d0d51e1fd78c0c34966dc
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/RC43d94eaa55c14bc4b5c3550f47c01195-source.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338191893
Content-Length: 1297
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/truist_common.js
162.241.60.105 200 OK 126 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/truist_common.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Size 126 kB (125725 bytes)
Hash e2718371114c7c6aeb1291aadf471ea5
374e4a82df9f58b8a72f7d908c2bb0d702b1778e
47188f24e23cee909104e772109897fadf4d5e00afeb68ead9d52406fe013d4d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/truist_common.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519337861692
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/1.js
162.241.60.105 200 OK 9.0 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/1.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28484), with no line terminators
Hash 3745ac15fe2d6ea6f30dccaff34e3ffb
eb37a11cdf885eab4ee64fca165b15ceebc912cc
7a587678a359302d2cc53256f36962d5f94939872b36a32ad4b697515dcf7461
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/1.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338238128
Content-Length: 8965
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC5a52a9672ce34a87955f552653e96cab-source.js
162.241.60.105 200 OK 265 B URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC5a52a9672ce34a87955f552653e96cab-source.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash be2c6ca98afb21102d8c20b05d4a0f55
708f5793f9cf9ab3bba4088347354c0636245bb0
25c761c85c6ff0ce2cc2ad3eeccb9d557c3b6787ee8dc2ed22618e1ce91ac8d7
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/RC5a52a9672ce34a87955f552653e96cab-source.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338317895
Content-Length: 265
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC25bf516d064448bc8e84dd801b62e1fe-source.js
162.241.60.105 200 OK 1.8 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/RC25bf516d064448bc8e84dd801b62e1fe-source.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5070)
Hash 33fdb88ce7687363256e8f6c36d117ea
f46240bf186c9dafff2753fe693cd1b577bd5fb9
cc43b84039ac9ab53fee9060dc210e4ec050d2325e0da41a0685da4d85d6a9ac
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/RC25bf516d064448bc8e84dd801b62e1fe-source.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338344039
Content-Length: 1761
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/a_002.js
162.241.60.105 200 OK 112 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/a_002.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Size 112 kB (111952 bytes)
Hash 02dbee473ab6800ec16624e389acf47b
d99813b2e296426c068663133097f04039c3bc6b
36e9963aab9d3f529dcc1a2291298738df3dbe3eb6ba1cb5173ca232dc10ff62
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/a_002.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338116610
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/a.js
162.241.60.105 200 OK 1.9 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/a.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9273), with no line terminators
Hash 7a4b5f473f945204eddbe7d4c5af3833
6ba7de51db4b153cd0e925c64d837df270d01b10
19a26fd4947eede599daa4567d918941604837a0eaddf0de109b7ae4153fe24f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/a.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338357674
Content-Length: 1882
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/runtime-es2015.js
162.241.60.105 200 OK 1.2 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/runtime-es2015.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2314), with no line terminators
Hash 593afc0666680ecc85ee203665cb6f9d
ae0b3eefa12ccec35ef43b8199795cad6d679318
55f001529de48bb1ca40c9a17eafab8acd6b5496b234fc3c8633333cd02d090f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/runtime-es2015.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338358869
Content-Length: 1200
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/scripts.js
162.241.60.105 200 OK 3.3 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/scripts.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9633), with no line terminators
Hash 74f96498fa95924d4bbe357af9644efc
c513dd927c78b85a60e66aec92d72929c2621d6e
faa31dc7409918326eef2a608c1bbdb98432a4dffbd5ca12a5661564c213bd8d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/scripts.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338442128
Content-Length: 3327
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/s95302694272683.js
162.241.60.105 200 OK 1.3 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/s95302694272683.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4010)
Hash 0b9e253e3420596a01741f73dc9a29e8
81f1e067d3c7f3547f22267a0f13f4dc3f9988b3
a1e968ae9d272a05b2a714629db71aede11ec8ed3c6a87c6741065581707adf9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/s95302694272683.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338482734
Content-Length: 1348
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/css2.css
162.241.60.105 200 OK 1.2 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/css2.css
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f0d4941a65f105abe3ea6d18a65c08c7
1fad6cf97435e9dc704492c055d8f42c2dca4ee2
2ff9b7703cadb74c836977e12715b70a05413257ffc017e0d77b6579e1c71d0f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/css2.css HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338483502
Content-Length: 1162
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/icon.css
162.241.60.105 200 OK 335 B URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/icon.css
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ab5e47d585045d5d6d16fb64b63dba4d
98c58391fc518d1f029beff649f1bbcc1964bfac
6e93669e7eb33940a8ac58b1a316c923f29a5a048dbea773cec0501b0f0d0346
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/icon.css HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338484110
Content-Length: 335
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/css.css
162.241.60.105 200 OK 1.1 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/css.css
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5aeec684d0dbee9f6a80b77140de3c60
a399168ed51bcda32a9eba5af1837587a7a86274
0f04e519321829f60240bd7800246b12506a5ebec659db9c2676a68959023865
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/css.css HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338515554
Content-Length: 1098
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/CoreModule.js
162.241.60.105 200 OK 38 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/CoreModule.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 10742835b91f18a460a6f6515528e7f9
2c6eca746b282efd36324c5caa743b73ef4f1e0e
6e408a75f25e95ed76e37951f676fcffb9f88beadbdb870c694ebea4a236f43e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/CoreModule.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338567627
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/InfoBarModule.js
162.241.60.105 200 OK 2.4 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/InfoBarModule.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5783), with no line terminators
Hash 027f45210772f48ddef50e08eccf458a
40089cef0e47466a148c26fa618150f82dff6fb1
288d5571278736b58e6181c6b9da7d05d14d2f31d624f0cd2993852f9927571b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/InfoBarModule.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338606384
Content-Length: 2396
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/storage.js
162.241.60.105 200 OK 16 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/storage.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (38562), with no line terminators
Hash d0ce3981422e4776f97077c91f69628c
35f3f980b30353b8452f8a7bc08b42b02b538f82
9ec00d22424a6b424b1ad4d924823f470cc2232b719fe658585e714584718898
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/storage.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338607130
Content-Length: 16166
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/2.jpg
162.241.60.105 200 OK 9.0 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/2.jpg
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 195x195, components 3\012- data
Hash d04e66bb52fe4edc15f4eec6411e4377
6dd41912a7e09fa8e1444146d2551cb3232425f7
6c9ba31d77cab87bbbdf5d6c3936bcc9361b0adba9ac321cc6e5fe7ad2f18e83
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/2.jpg HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Tue, 23 Nov 2021 02:21:28 GMT
Accept-Ranges: bytes
Content-Length: 8956
Vary: User-Agent
X-Generated: t=1664519338639232
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
23.38.200.237 200 OK 8.8 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
IP 23.38.200.237:0
File type exported SGML document, ASCII text, with very long lines (24962)
Hash 91ef149792868e190108180b3feddba5
b33e6929142cdd60a29502586d7df805350ae0da
5ca4b61cfd7227130c941ce5d55efeb0daf98328421268545f3ae1f47bcaecaf
GET /extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 8762
expires: Fri, 30 Sep 2022 07:28:58 GMT
date: Fri, 30 Sep 2022 06:28:58 GMT
cache-control: no-cache
access-control-allow-origin: http://radiobrasilitalia.com.br
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
23.38.200.237 200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32766)
Hash ef1dca45932932a17b01c4b6946f6042
0f0f0501b7d48e1e2b2aead666d9b9b59c07720c
37d818de56459121621e8df2e54ff42109e6ac62fab1ead9aae508fab006073d
GET /extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12184
expires: Fri, 30 Sep 2022 07:28:58 GMT
date: Fri, 30 Sep 2022 06:28:58 GMT
cache-control: no-cache
access-control-allow-origin: http://radiobrasilitalia.com.br
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 989ded2e61e68f151e2e8301eaac0b4a
87d9d9767fba33bf0e063c2f33caf0f99ef143a8
5bad88a8344a2a792e1925c7a3ebc948a8bfe60bbd6ce3a78e9ed5c8170d3318
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1975
Cache-Control: max-age=169846
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 06:28:58 GMT
Etag: "6336796a-1d7"
Expires: Sun, 02 Oct 2022 05:39:44 GMT
Last-Modified: Fri, 30 Sep 2022 05:06:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=AA7A3BC75245B3BC0A490D4D%40AdobeOrg&d_nsid=0&ts=1664519335514
54.77.35.16 200 OK 1.3 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=AA7A3BC75245B3BC0A490D4D%40AdobeOrg&d_nsid=0&ts=1664519335514
IP 54.77.35.16:0
File type JSON data\012- , ASCII text, with very long lines (4008), with no line terminators
Hash 1b2230899c3f6e0b298a732a612a7139
49d90493af1bfc7b16750b47e0da1157c611f303
9f10790789acc414cc5c8a8db8865eb6bc325ce90742fba58f03a6ae6c636f3b
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=AA7A3BC75245B3BC0A490D4D%40AdobeOrg&d_nsid=0&ts=1664519335514 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://radiobrasilitalia.com.br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://radiobrasilitalia.com.br
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-02e7166cb.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=09833086645184957312949379876368623266; Max-Age=15552000; Expires=Wed, 29 Mar 2023 06:28:58 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: YYAPVxsQS8A=
Content-Length: 1344
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11592
Expires: Fri, 30 Sep 2022 09:42:10 GMT
Date: Fri, 30 Sep 2022 06:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11592
Expires: Fri, 30 Sep 2022 09:42:10 GMT
Date: Fri, 30 Sep 2022 06:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11592
Expires: Fri, 30 Sep 2022 09:42:10 GMT
Date: Fri, 30 Sep 2022 06:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11592
Expires: Fri, 30 Sep 2022 09:42:10 GMT
Date: Fri, 30 Sep 2022 06:28:58 GMT
Connection: keep-alive
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/launch-a297eee1f591.js
162.241.60.105 200 OK 9.7 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/launch-a297eee1f591.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8337b3316a9c7ee94fea710d83ab5b70
632f621fe04de121001fb4d3b51fa8e318376bb2
070deb0d8955fabda308ae55d6ed0ebead9a5ea310b913e6ef762eb16b63c100
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/launch-a297eee1f591.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519337860211
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24cef79d-42ec-48b2-836a-cadc1834ec49.webp
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24cef79d-42ec-48b2-836a-cadc1834ec49.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25b92064116b129f71965069f247c50c
59c648aefd1049ce6fc899262ee3aadb16cb18d3
672a701dbd5bb1c2a0ead5940425c43245c50a2f473a3436bc533038a555af84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24cef79d-42ec-48b2-836a-cadc1834ec49.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5928
x-amzn-requestid: 12165671-e125-4a12-812d-6de3a5caf393
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPegcGENIAMFy6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361135-26257c394a1b2c315a721720;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:42:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1-qHCG-GfLqZIXBO9NI8eJnHv3VwDljUdVkasRG8g_Y5BQv2xspdXQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:42:14 GMT
age: 31604
etag: "59c648aefd1049ce6fc899262ee3aadb16cb18d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed1b116a-12f1-445b-8a5f-9353e3780e4f.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed1b116a-12f1-445b-8a5f-9353e3780e4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b5c947ae0b46d0d8891da8b91b299d6
6edbfb2ea042482253f7d3d75cb1bd0b6c6a5f1f
ec7f8e44224ac291a1d66d8d99dfb44122bc85762fb9351738ce6d1c6ab72d47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed1b116a-12f1-445b-8a5f-9353e3780e4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6596
x-amzn-requestid: 0e130e37-9710-4fe9-a406-a26f4ed8650c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASNPHSYIAMF0tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffd87-39a73c5476ddd0b2112f5f07;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jhL_FzO_MIL5trbUJzod1scymtl7JZSRvwSW4RMD7l__4x4rejeIzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 13:09:45 GMT
age: 62353
etag: "6edbfb2ea042482253f7d3d75cb1bd0b6c6a5f1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95b5f6af-0368-4914-a31b-9637ad00feda.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95b5f6af-0368-4914-a31b-9637ad00feda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da2bb5dc3c41d9956752c2e7a72c6eb6
d9c7b0dea148896017492aad6c02ca6fadf17ebb
28b08565a224d8bd81e3cbb65f2e70a9025d67af5e4cff9cbd673aa416de8aa7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95b5f6af-0368-4914-a31b-9637ad00feda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5754
x-amzn-requestid: dfa32296-9f66-4237-b8fe-9353a1920f71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZaGpZoAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-0a6fed7e2f3a80cd7579de93;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1CYVveZybLOpAwvniJLvUxJJOil9CA1b6hut46pxcB6p_iqvmQTwoA==
via: 1.1 2ecd59b4298afe9d7bb9266870458a74.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:58:50 GMT
age: 30608
etag: "d9c7b0dea148896017492aad6c02ca6fadf17ebb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33d8a1c1782f57095619cfba8c58a4a5
9f21cefa8882ea63961ae2eb51b7cd406b2358d6
47c04dd3680f76a5bc54157c64d64dcb7dea517c8dace4fdcf8e46df43fa9cae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10272
x-amzn-requestid: 443e641f-25dc-456c-bb7f-ae23153dc52d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVSwECzoAMFpeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633268de-20524e433a72428653175a94;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: k1I8tevinkxbPVl-cUWVt8vOEqQK5rxo5B17xyQGMSkCUbrbNj4AmA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 05:17:20 GMT
age: 4298
etag: "9f21cefa8882ea63961ae2eb51b7cd406b2358d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7bce41c-9706-4324-8a06-1509b48a771d.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7bce41c-9706-4324-8a06-1509b48a771d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92adf4a1167591fe092a2ee8871df6cf
2a6ac7433a03249398daa4b2cba3359e8d35f8f8
d01207d858c49c41779c64221cae37855c70ffe3dd9c0fab299bf20e23cd2cce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7bce41c-9706-4324-8a06-1509b48a771d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6616
x-amzn-requestid: 40a8fe67-c47d-4337-a262-5ae47883b224
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPePpHJVIAMF8Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633610ca-51c57d2247517e3a71a2917c;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:40:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -WZNiveado-qJAyUINR0MrFtuEiMUl9SEJ0G8EbPW1A-4x_teOwXsg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:48:40 GMT
age: 31218
etag: "2a6ac7433a03249398daa4b2cba3359e8d35f8f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 06:28:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 06:28:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
142.250.74.163 200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://radiobrasilitalia.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 20:36:08 GMT
expires: Fri, 29 Sep 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 35571
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialiconsoutlined/v108/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
142.250.74.163 200 OK 155 kB URL HTTP/2 fonts.gstatic.com/s/materialiconsoutlined/v108/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), CFF, length 155276, version 1.0\012- data
Size 155 kB (155276 bytes)
Hash 0ba49c096a77b67734434cebcaf2e14d
2f9e28ab559782402f27332633c843c40209d95a
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
GET /s/materialiconsoutlined/v108/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://radiobrasilitalia.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 155276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 04:37:00 GMT
expires: Fri, 29 Sep 2023 04:37:00 GMT
cache-control: public, max-age=31536000
age: 93119
last-modified: Thu, 11 Aug 2022 01:57:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 06:28:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
suntrustbanksinc.demdex.net/dest5.html?d_nsid=0
52.30.136.248 200 OK 2.8 kB URL HTTP/1.1 suntrustbanksinc.demdex.net/dest5.html?d_nsid=0
IP 52.30.136.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: suntrustbanksinc.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 30 Sep 2022 06:28:59 GMT
DCS: dcs-prod-irl1-2-v044-02f73253e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:47:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: O5CIG1RfRUw=
Content-Length: 2791
Connection: keep-alive
suntrust.tt.omtrdc.net/rest/v1/delivery?client=suntrust&sessionId=d79b7297c6584ec498ea1874ced6235b&version=2.4.1
15.188.95.229 200 OK 303 B URL HTTP/1.1 suntrust.tt.omtrdc.net/rest/v1/delivery?client=suntrust&sessionId=d79b7297c6584ec498ea1874ced6235b&version=2.4.1
IP 15.188.95.229:0
File type JSON data\012- , ASCII text, with very long lines (351), with no line terminators
Hash e1eeb07ad913fd486a328b8bfd7fed27
46313f5f32afc9f71d73d67c6688bb94081f8627
99c5b4c6a61f676120b8d37d4e999f24b0b87bf31f0a1c1e9eeff6f645f383f7
POST /rest/v1/delivery?client=suntrust&sessionId=d79b7297c6584ec498ea1874ced6235b&version=2.4.1 HTTP/1.1
Host: suntrust.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Content-Length: 895
Origin: http://radiobrasilitalia.com.br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
HTTP/1.1 200 OK
date: Fri, 30 Sep 2022 06:28:59 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: http://radiobrasilitalia.com.br
access-control-allow-credentials: true
x-request-id: 63401219-b7b2-4571-9b9f-fc13e673bd07
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server: jag
transfer-encoding: chunked
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 4604a9e9bf1888cede328161a7fbdf36
0b4cbe544acf979f2a769c09a0ede84a72383471
f70c0381c8aac00d055dfcfef5ca2b1406a28f6eb7bc290f08ebdaee4ec8bad5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 06:29:00 GMT
Last-Modified: Fri, 30 Sep 2022 05:41:09 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OXPX16z8DGblRJcxpBuQ0oMk4g_ntcizOKFLfrpiq4MbnNNof8RdYA==
Age: 2871
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 4604a9e9bf1888cede328161a7fbdf36
0b4cbe544acf979f2a769c09a0ede84a72383471
f70c0381c8aac00d055dfcfef5ca2b1406a28f6eb7bc290f08ebdaee4ec8bad5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 06:29:00 GMT
Last-Modified: Fri, 30 Sep 2022 04:57:14 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cwzzdCtZBYpDyn25RHFgxQIp7IYuSikZRYYobKbs-2J6p6CMpoA0mw==
Age: 5506
cm.everesttech.net/cm/dd?d_uuid=09833086645184957312949379876368623266
52.215.56.149 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=09833086645184957312949379876368623266
IP 52.215.56.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=09833086645184957312949379876368623266 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 30 Sep 2022 06:29:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzaMrAAAAKEeRQOJ; Domain=.everesttech.net; Expires=Sat, 30-Sep-2023 06:29:00 GMT; Path=/
everest_session_v2=YzaMrAAAAKEeRgOJ; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzaMrAAAAKEeRQOJ
Server: AMO-cookiemap/1.1
pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
34.240.187.94 302 Found 457 B URL HTTP/1.1 pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
IP 34.240.187.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (323)
Hash 36dc48f1108d375e2841daf8535f3c1f
ade1d3ab7bcd964704adc8da82c82701063a5220
df0b47332fc0a3732b776b6d75271861052095716c86e1dbfc53e7dc6002f2bc
GET /1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP/1.1
Host: pixel.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suntrustbanksinc.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 30 Sep 2022 06:29:00 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 457
Connection: keep-alive
Server: Apache
Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXphTXJBQUFBYlM4LWhCOQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__
dpm.demdex.net/ibs:dpid=411&dpuuid=YzaMrAAAAKEeRQOJ
54.77.35.16 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=YzaMrAAAAKEeRQOJ
IP 54.77.35.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=YzaMrAAAAKEeRQOJ HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://radiobrasilitalia.com.br/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-0460362a2.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzaMrAAAAKEeRQOJ
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=21250240760523846920668720859019432137; Max-Age=15552000; Expires=Wed, 29 Mar 2023 06:29:00 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: EvKOsbVzRgk=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzaMrAAAAKEeRQOJ
54.77.35.16 200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzaMrAAAAKEeRQOJ
IP 54.77.35.16:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzaMrAAAAKEeRQOJ HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://radiobrasilitalia.com.br/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v044-0f3529585.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: zaO9qY/OQGw=
Content-Length: 59
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 271b44a3611bd0507079c8ace811e31b
ad9c9b11eb43eebde519b94128772a81e3166f8d
125dab4ef91481576205501536d51f0b2401c4b2fa75093ccc917a4ebb882a40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 06:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXphTXJBQUFBYlM4LWhCOQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__
142.250.74.34 302 Found 487 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXphTXJBQUFBYlM4LWhCOQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (310), with CRLF, LF line terminators
Hash 81ed69ba1f914d29bd60f5aaafd36ed5
2fa6770cfdf19ebc56d685eae7ba77466cc1677f
62ccf223532184de63e53dac8467ca76b0ceda0a6d46ca2b32f7298111a6cac9
GET /pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXphTXJBQUFBYlM4LWhCOQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suntrustbanksinc.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WXphTXJBQUFBYlM4LWhCOQ&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_tc=
date: Fri, 30 Sep 2022 06:29:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 487
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 06:44:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WXphTXJBQUFBYlM4LWhCOQ&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_tc=
142.250.74.34 302 Found 413 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WXphTXJBQUFBYlM4LWhCOQ&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_tc=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6dd125f3ddfa86457dba90be798b2a56
58cc4409345297923bb2ea2bdb4e5b68ebd2a17f
ed387769b578200fcc090c05c8cbdb14ee5ca205928bbc9b7798c848c8a5ce87
GET /pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WXphTXJBQUFBYlM4LWhCOQ&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suntrustbanksinc.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_error=3
date: Fri, 30 Sep 2022 06:29:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 271b44a3611bd0507079c8ace811e31b
ad9c9b11eb43eebde519b94128772a81e3166f8d
125dab4ef91481576205501536d51f0b2401c4b2fa75093ccc917a4ebb882a40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 06:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 48ffa32459505118c67a34dca46f61d3
494e2eed2c3f8bc11252e02d2bc103c2a0f42818
7bac137e7acbd4afe21395dcb103bc30941373c2291b92d74562498ac92f1b74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 06:29:00 GMT
Server: ECS (dcb/7EC8)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VwJxm3-qj9Bp3FqPvOe4B6pGTAjAkcKVcsUOeuLg1IVYP1nWmn5TnA==
cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_error=3
52.215.56.149 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_error=3
IP 52.215.56.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_error=3 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suntrustbanksinc.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 30 Sep 2022 06:29:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzaMrAAAAJ-d8gN6; Domain=.everesttech.net; Expires=Sat, 30-Sep-2023 06:29:00 GMT; Path=/
everest_session_v2=YzaMrAAAAJ-d8wN6; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WXphTXJBQUFBSi1kOGdONg
Server: AMO-cookiemap/1.1
cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
52.215.56.149 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
IP 52.215.56.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suntrustbanksinc.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 30 Sep 2022 06:29:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzaMrAAAAB4X-wN-; Domain=.everesttech.net; Expires=Sat, 30-Sep-2023 06:29:00 GMT; Path=/
everest_session_v2=YzaMrAAAAB4YAAN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WXphTXJBQUFBQjRYLXdOLQ
Server: AMO-cookiemap/1.1
deposits.digitalcommerce.truist.com/deposits/favicon.ico
143.204.55.117 302 Found 0 B URL HTTP/2 deposits.digitalcommerce.truist.com/deposits/favicon.ico
IP 143.204.55.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /deposits/favicon.ico HTTP/1.1
Host: deposits.digitalcommerce.truist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://deposits.digitalcommerce.truist.com/product
server: CloudFront
date: Fri, 30 Sep 2022 06:29:00 GMT
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Eta4dWlk3R15fdHiEjZm8UFNolkNGd1840z-BFeo5mztvdAfwaIUjQ==
X-Firefox-Spdy: h2
cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
52.215.56.149 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
IP 52.215.56.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suntrustbanksinc.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 30 Sep 2022 06:29:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzaMrAAAAHHuDwOV; Domain=.everesttech.net; Expires=Sat, 30-Sep-2023 06:29:00 GMT; Path=/
everest_session_v2=YzaMrAAAAHHuEAOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WXphTXJBQUFBSEh1RHdPVg
Server: AMO-cookiemap/1.1
cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
52.215.56.149 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
IP 52.215.56.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suntrustbanksinc.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 30 Sep 2022 06:29:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzaMrAAAAIecPgNe; Domain=.everesttech.net; Expires=Sat, 30-Sep-2023 06:29:00 GMT; Path=/
everest_session_v2=YzaMrAAAAIecPwNe; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WXphTXJBQUFBSWVjUGdOZQ
Server: AMO-cookiemap/1.1
cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
52.215.56.149 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
IP 52.215.56.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suntrustbanksinc.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 30 Sep 2022 06:29:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzaMrAAAAFC77gN-; Domain=.everesttech.net; Expires=Sat, 30-Sep-2023 06:29:00 GMT; Path=/
everest_session_v2=YzaMrAAAAFC77wN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WXphTXJBQUFBRkM3N2dOLQ
Server: AMO-cookiemap/1.1
cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
52.215.56.149 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3
IP 52.215.56.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/ax?cookieid=&ev_rs=1&url=/1x1&google_error=3 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suntrustbanksinc.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 30 Sep 2022 06:29:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzaMrAAAAF-uiQOV; Domain=.everesttech.net; Expires=Sat, 30-Sep-2023 06:29:00 GMT; Path=/
everest_session_v2=YzaMrAAAAF-uigOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WXphTXJBQUFBRi11aVFPVg
Server: AMO-cookiemap/1.1
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined//accdn.lpsnmedia.net/api/account/28229424/configuration/setting/accountproperties/?cb=lpCb96009x32002
162.241.60.105 301 Moved Permanently 0 B URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined//accdn.lpsnmedia.net/api/account/28229424/configuration/setting/accountproperties/?cb=lpCb96009x32002
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/upgrade/dashboard/undefined//accdn.lpsnmedia.net/api/account/28229424/configuration/setting/accountproperties/?cb=lpCb96009x32002 HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196; at_check=true
HTTP/1.1 301 Moved Permanently
Date: Fri, 30 Sep 2022 06:28:59 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined/accdn.lpsnmedia.net/api/account/28229424/configuration/setting/accountproperties/?cb=lpCb96009x32002
Vary: User-Agent
X-Generated: t=1664519339237812
Content-Length: 0
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Light-Web.ce61f0c6c0ebb04bd08a.woff2
162.241.60.105 404 Not Found 33 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Light-Web.ce61f0c6c0ebb04bd08a.woff2
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash 7bb033808e2fc27828b71339fffc6a6d
ed1d3d03840df8f317669f765e932a998d002724
e9f3a3e311c293c8d0384ed08bbc50ec916aa178699a909afde3e4bf91f454b9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/Graphik-Light-Web.ce61f0c6c0ebb04bd08a.woff2 HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196; at_check=true
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:28:59 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
X-Generated: t=1664519339058373
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Medium-Web.eea98049c3b65bb9c9b8.woff2
162.241.60.105 404 Not Found 33 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Medium-Web.eea98049c3b65bb9c9b8.woff2
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash c6b95bd02fa4bd7beb2b3bd470600f06
6d60b3cb92d94b253160dc20e5f20325b64f4389
cc07770b755775a0d514134dff319fd18aaed3512bbd287c41315da7b87fd25c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/Graphik-Medium-Web.eea98049c3b65bb9c9b8.woff2 HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196; at_check=true
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:28:59 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
X-Generated: t=1664519339048051
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Regular-Web.964ebe1d5f67a101f88c.woff2
162.241.60.105 404 Not Found 33 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Regular-Web.964ebe1d5f67a101f88c.woff2
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash b927c6e5202f3468fde7b9017cd8f74a
7edbae40e7bf13ca7de12a2e6cafe51348d52363
6e5bbb456d45c0f66dbe973ef47570fc33bd2883a313141a38740497349bd869
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/Graphik-Regular-Web.964ebe1d5f67a101f88c.woff2 HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196; at_check=true
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:28:59 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
X-Generated: t=1664519339050968
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/assets/img/icons/tru-core-icon-sprite.svg
162.241.60.105 404 Not Found 8.4 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/assets/img/icons/tru-core-icon-sprite.svg
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash 0bd301f939eb5edae8ec48b6c2cf4417
cc0aa0f857e41f68b5f6017eab60b604313fff56
a97224e4f5a7b78b7a053bf7bd969fab4e56e6fca9604d4488713f69e2f3bfd6
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/assets/img/icons/tru-core-icon-sprite.svg HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196; at_check=true
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:28:59 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519339036275
Content-Length: 8377
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined//accdn.lpsnmedia.net/api/account/28229424/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
162.241.60.105 301 Moved Permanently 0 B URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined//accdn.lpsnmedia.net/api/account/28229424/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/upgrade/dashboard/undefined//accdn.lpsnmedia.net/api/account/28229424/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196; at_check=true
HTTP/1.1 301 Moved Permanently
Date: Fri, 30 Sep 2022 06:29:02 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined/accdn.lpsnmedia.net/api/account/28229424/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Vary: User-Agent
X-Generated: t=1664519342305737
Content-Length: 0
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Bold-Web.8b7c8b0da5f5c9a40257.woff2
162.241.60.105 404 Not Found 33 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Bold-Web.8b7c8b0da5f5c9a40257.woff2
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash 7caed02dc11cd64e1105c75b0e47a647
40ccba8c84819d20aaff826f8b073fccf7f8e042
43e6a599cf865f842c08cf590069946a63bb1738d3eeae816ddda51b91e9912b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/Graphik-Bold-Web.8b7c8b0da5f5c9a40257.woff2 HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196; at_check=true
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:28:59 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
X-Generated: t=1664519339056353
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined/accdn.lpsnmedia.net/api/account/28229424/configuration/setting/accountproperties/?cb=lpCb96009x32002
162.241.60.105 404 Not Found 8.5 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined/accdn.lpsnmedia.net/api/account/28229424/configuration/setting/accountproperties/?cb=lpCb96009x32002
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash 263b7e74293b3a0e9302725424f697fb
e091a2dc08d15f9f252b9e4073108fbfdd05fd66
8e2759c119352a775210394654d0303573946b23040fab5ad5ca153c5b2636e3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/undefined/accdn.lpsnmedia.net/api/account/28229424/configuration/setting/accountproperties/?cb=lpCb96009x32002 HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
Connection: keep-alive
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CMCMID%7C04353901072699039642540583954215984397%7CMCAAMLH-1665124136%7C6%7CMCAAMB-1665124136%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664526536s%7CNONE%7CMCSYNCSOP%7C411-19273%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196|PC#d79b7297c6584ec498ea1874ced6235b.37_0#1727764138; at_check=true; AMCVS_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:29:02 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519342381133
Content-Length: 8457
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Light-Web.413802a3486a5a2cf881.woff
162.241.60.105 404 Not Found 33 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Light-Web.413802a3486a5a2cf881.woff
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash d4ba028190a3951fd6b7fc62c7e98ce9
2943a2b115ee732d2c274f2ed130c4050dda5ea8
b5dd5efcac137ae41042da8bdad03e657b2d3b0672ec9bb1d9a850073bff3f28
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/Graphik-Light-Web.413802a3486a5a2cf881.woff HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CMCMID%7C04353901072699039642540583954215984397%7CMCAAMLH-1665124136%7C6%7CMCAAMB-1665124136%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664526536s%7CNONE%7CMCSYNCSOP%7C411-19273%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196|PC#d79b7297c6584ec498ea1874ced6235b.37_0#1727764138; at_check=true; AMCVS_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:29:02 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
X-Generated: t=1664519342391036
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Regular-Web.f8ec249a45d5a0313b93.woff
162.241.60.105 404 Not Found 33 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Regular-Web.f8ec249a45d5a0313b93.woff
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash 9b750eb50a30c28b40cf7c596af08dcb
284e2b1beb2bce20429b306cf63d4c89a76a6be9
7c9eacd78fbca4e63d33dc3ab66c7099cc6f53b99eba4477b4d2ddcab9554a32
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/Graphik-Regular-Web.f8ec249a45d5a0313b93.woff HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CMCMID%7C04353901072699039642540583954215984397%7CMCAAMLH-1665124136%7C6%7CMCAAMB-1665124136%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664526536s%7CNONE%7CMCSYNCSOP%7C411-19273%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196|PC#d79b7297c6584ec498ea1874ced6235b.37_0#1727764138; at_check=true; AMCVS_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:29:02 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
X-Generated: t=1664519342394596
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Medium-Web.b7af4207459a405b99aa.woff
162.241.60.105 404 Not Found 33 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Medium-Web.b7af4207459a405b99aa.woff
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash 2c25ad7cef68f895e4e28b018420ae88
6d1042a465c1ffb7df7984d4ac8165417b149cb3
102a263267f8f76d795f23bd7da0abdf639f6f8112c05c71c14334646c1366be
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/Graphik-Medium-Web.b7af4207459a405b99aa.woff HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CMCMID%7C04353901072699039642540583954215984397%7CMCAAMLH-1665124136%7C6%7CMCAAMB-1665124136%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664526536s%7CNONE%7CMCSYNCSOP%7C411-19273%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196|PC#d79b7297c6584ec498ea1874ced6235b.37_0#1727764138; at_check=true; AMCVS_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:29:02 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
X-Generated: t=1664519342391118
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined/accdn.lpsnmedia.net/api/account/28229424/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
162.241.60.105 404 Not Found 8.5 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/undefined/accdn.lpsnmedia.net/api/account/28229424/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash ea9b8c822ee1b65fd5048fa2b91399f4
5792437593c0684f144712c7a1e80aec88dfd259
afb4906a67bd05e1dadace092810df40a7a04c240a554be3b1bfc234c9bc784c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/upgrade/dashboard/undefined/accdn.lpsnmedia.net/api/account/28229424/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
Connection: keep-alive
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CMCMID%7C04353901072699039642540583954215984397%7CMCAAMLH-1665124136%7C6%7CMCAAMB-1665124136%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664526536s%7CNONE%7CMCSYNCSOP%7C411-19273%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196|PC#d79b7297c6584ec498ea1874ced6235b.37_0#1727764138; at_check=true; AMCVS_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:29:02 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519342597448
Content-Length: 8477
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Bold-Web.c1c9a1709295b7678669.woff
162.241.60.105 404 Not Found 33 kB URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/Graphik-Bold-Web.c1c9a1709295b7678669.woff
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261)
Hash 0b1168333740fbc292c5d47b764d8939
e46a76b4a694819df21d9bee296f6c2254104081
2581de9e2257475baa977554139285f96b69e3301270f80491bd8e7566ed6492
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/Graphik-Bold-Web.c1c9a1709295b7678669.woff HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/styles.css
Cookie: AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=-1124106680%7CMCIDTS%7C19266%7CMCMID%7C04353901072699039642540583954215984397%7CMCAAMLH-1665124136%7C6%7CMCAAMB-1665124136%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664526536s%7CNONE%7CMCSYNCSOP%7C411-19273%7CvVersion%7C5.2.0; mbox=session#d79b7297c6584ec498ea1874ced6235b#1664521196|PC#d79b7297c6584ec498ea1874ced6235b.37_0#1727764138; at_check=true; AMCVS_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 06:29:02 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://radiobrasilitalia.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
X-Generated: t=1664519342644402
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
deposits.digitalcommerce.truist.com/product
143.204.55.117 200 OK 1.0 kB URL HTTP/2 deposits.digitalcommerce.truist.com/product
IP 143.204.55.117:0
Hash 0f6c91497f005b0762d9e3a78792bfc4
74ad1d7752e014fda72d955720b2990afd83a0b3
dda766188b63e36e75cfe326f5780df51365c1a4bbaed911fb454fa6c79e2333
GET /product HTTP/1.1
Host: deposits.digitalcommerce.truist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://radiobrasilitalia.com.br/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Mon, 05 Sep 2022 09:16:45 GMT
last-modified: Fri, 26 Aug 2022 00:18:43 GMT
etag: W/"2f0a108023c3799e946e6198ccdb2a4c"
x-amz-server-side-encryption: AES256
x-amz-version-id: e90BT06h_f8ECUW..JeyVtLj57JR3S4I
server: AmazonS3
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors https://*.suntrust.com https://*.truist.com; script-src 'self' https://clt-v20k3-c.bbtnet.com https://ad.doubleclick.net https://www.googletagmanager.com https://bat.bing.com https://snap.licdn.com https://connect.facebook.net https://sp.analytics.yahoo.com https://insight.adsrvr.org https://*.qualtrics.com https://sub.inv.qa.wm.scivantage.com https://www.ssa.gov https://assets.adobedtm.com https://h.online-metrix.net https://maps.googleapis.com https://*.truist.com http://*.suntrust.com https://*.suntrust.com https://*.liveperson.net http://*.liveperson.net https://fls.doubleclick.net http://www.googleadservices.com http://suntrustbanksinc.demdex.net http://nexus.ensighten.com https://nexus.ensighten.com http://dpm.demdex.net http://*.lpsnmedia.net 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://*.truist.com https://*.cashedge.com https://*.qualtrics.com https://*.suntrust.com https://*.checkfreeweb.com https://*.popmoney.com http://googleads.g.doubleclick.net http://www.google.com http://fast.suntrustbanksinc.demdex.net http://suntrustbanksinc.demdex.net http://*.lpsnmedia.net http://*.liveperson.net https://secure.opinionlab.com https://cdn.appdynamics.com https://h.online-metrix.net
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: H5m_B48MeKKum_GfGjTpFSM4acPacph0500Lpd0JMairQwigbn1Oug==
age: 2149935
X-Firefox-Spdy: h2
lptag.liveperson.net/tag/tag.js?site=28600839
178.249.101.23 200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=28600839
IP 178.249.101.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=28600839 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 154c2c10f88a973c850907c290946b2b
ba0679fd341b9dfc6a0c7782aa580b85bb3a850f
2a095b79c01210807a1cc44178783cc73accbfa70487458c788dfa93c9f43070
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:29:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 04:31:53 GMT
Expires: Tue, 04 Oct 2022 04:31:52 GMT
Etag: "ba0679fd341b9dfc6a0c7782aa580b85bb3a850f"
Cache-Control: max-age=337968,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752ae6e9094ab4ff-OSL
lpcdn.lpsnmedia.net/le_secure_storage/3.14.0.10-release_5062/storage.secure.min.html?loc=http%3A%2F%2Fradiobrasilitalia.com.br&site=28229424
178.249.97.98 200 OK 31 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.14.0.10-release_5062/storage.secure.min.html?loc=http%3A%2F%2Fradiobrasilitalia.com.br&site=28229424
IP 178.249.97.98:0
Hash 2ad77fee020227911ef343189bcd4eb8
188e85bc3015e91602a7b7a2b3c6049f96a31683
42b465d8705c8d2c90cde9425f308a43f074c6a3218db914a7d4f5585b631b21
GET /le_secure_storage/3.14.0.10-release_5062/storage.secure.min.html?loc=http%3A%2F%2Fradiobrasilitalia.com.br&site=28229424 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: text/html
last-modified: Mon, 04 Oct 2021 11:55:44 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 30 Sep 2023 06:29:03 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b307b2d-4d65-4a44-bdc9-02e2eb3040fe.webp
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b307b2d-4d65-4a44-bdc9-02e2eb3040fe.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7660f52ff0ccc2805e4186bfaeb86f3
64012d0a87c77d8409fa1be7d8d29124a81e3206
c4c2c65c2f830c5820dd019ada07607e31d338b824e2d66f7b4449c1026e123b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b307b2d-4d65-4a44-bdc9-02e2eb3040fe.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6058
x-amzn-requestid: 5895a9dc-4ec5-41cb-b0fa-b3f47677affe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPda6H8toAMFz7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f78-0941b5457484dc0c534333e2;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1Raa8DphZfTmcxIv1z70MMHpeboGmlsoY7k24hpc4GvYqAv4x2NGZQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:25 GMT
age: 31420
etag: "64012d0a87c77d8409fa1be7d8d29124a81e3206"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/11.d0fd9af22c976b87ea77.chunk.js?Q_CLIENTVERSION=1.78.0&Q_CLIENTTYPE=web&Q_BRANDID=truistcx
104.17.209.240 200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/11.d0fd9af22c976b87ea77.chunk.js?Q_CLIENTVERSION=1.78.0&Q_CLIENTTYPE=web&Q_BRANDID=truistcx
IP 104.17.209.240:0
GET /dxjsmodule/11.d0fd9af22c976b87ea77.chunk.js?Q_CLIENTVERSION=1.78.0&Q_CLIENTTYPE=web&Q_BRANDID=truistcx HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: application/javascript
cf-ray: 752ae6e90d5b1bfe-OSL
access-control-allow-origin: *
age: 191190
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"f7f2-1837ae8dda8"
last-modified: Mon, 26 Sep 2022 17:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=63474
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/UMSClientAPI.min.js?version=10.20.1.9-release_5536
178.249.97.98 200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/UMSClientAPI.min.js?version=10.20.1.9-release_5536
IP 178.249.97.98:0
GET /le_unified_window/10.20.1.9-release_5536/UMSClientAPI.min.js?version=10.20.1.9-release_5536 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 14:50:34 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 30 Sep 2023 06:29:03 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536
178.249.97.98 200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536
IP 178.249.97.98:0
GET /le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 30 Sep 2023 06:29:03 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/28600839?&cb=lpCb12934x59271&t=sp&ts=1664519340800&pid=8649111658&tid=5795578021&pt=Getting%20started%20%7C%20Security%20Verification%20%7C%20Truist%20Bank&u=http%3A%2F%2Fradiobrasilitalia.com.br%2Fwp-content%2Fupgrade%2Fdashboard%2Fcard.php%3Fcmd%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22Could%20not%20configure%20storage%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
208.89.12.87 200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/28600839?&cb=lpCb12934x59271&t=sp&ts=1664519340800&pid=8649111658&tid=5795578021&pt=Getting%20started%20%7C%20Security%20Verification%20%7C%20Truist%20Bank&u=http%3A%2F%2Fradiobrasilitalia.com.br%2Fwp-content%2Fupgrade%2Fdashboard%2Fcard.php%3Fcmd%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22Could%20not%20configure%20storage%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 208.89.12.87:0
GET /api/js/28600839?&cb=lpCb12934x59271&t=sp&ts=1664519340800&pid=8649111658&tid=5795578021&pt=Getting%20started%20%7C%20Security%20Verification%20%7C%20Truist%20Bank&u=http%3A%2F%2Fradiobrasilitalia.com.br%2Fwp-content%2Fupgrade%2Fdashboard%2Fcard.php%3Fcmd%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22Could%20not%20configure%20storage%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:04 GMT
content-type: application/javascript
set-cookie: LPVisitorID=E3NTE3NDhmYmFjNjZiMTVh; Expires=Sat, 30-Sep-2023 06:29:04 GMT; Path=/; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined
216.58.211.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined
IP 216.58.211.10:0
GET /icon?family=Material+Icons|Material+Icons+Outlined HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 Sep 2022 06:28:58 GMT
date: Fri, 30 Sep 2022 06:28:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dh8D3LGsx3cVYOy&Q_CLIENTVERSION=1.62.0&Q_CLIENTTYPE=web
104.17.209.240 200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dh8D3LGsx3cVYOy&Q_CLIENTVERSION=1.62.0&Q_CLIENTTYPE=web
IP 104.17.209.240:0
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dh8D3LGsx3cVYOy&Q_CLIENTVERSION=1.62.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 98
Origin: http://radiobrasilitalia.com.br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:28:59 GMT
content-type: application/json
cf-ray: 752ae6ccca381bfe-OSL
access-control-allow-origin: http://radiobrasilitalia.com.br
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 352ef658c3925938
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dh8D3LGsx3cVYOy&Version=0&Q_CLIENTVERSION=1.78.0&Q_CLIENTTYPE=web
104.17.209.240 200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dh8D3LGsx3cVYOy&Version=0&Q_CLIENTVERSION=1.78.0&Q_CLIENTTYPE=web
IP 104.17.209.240:0
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dh8D3LGsx3cVYOy&Version=0&Q_CLIENTVERSION=1.78.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 137
Origin: http://radiobrasilitalia.com.br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: application/json
cf-ray: 752ae6e95db61bfe-OSL
access-control-allow-origin: http://radiobrasilitalia.com.br
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 5765d0ef0f750a5e
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
zndh8d3lgsx3cvyoy-truistcx.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_dh8D3LGsx3cVYOy&Q_VERSION=0
104.17.209.240 200 OK 0 B URL HTTP/2 zndh8d3lgsx3cvyoy-truistcx.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_dh8D3LGsx3cVYOy&Q_VERSION=0
IP 104.17.209.240:0
GET /SIE/?Q_ZID=ZN_dh8D3LGsx3cVYOy&Q_VERSION=0 HTTP/1.1
Host: zndh8d3lgsx3cvyoy-truistcx.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 752ae6e8dd441bfe-OSL
access-control-allow-origin: *
age: 226265
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2136-6v4bexIh1V2nurakFglEkPC/nco"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8502
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/surveylogicinstance.min.js?version=10.20.1.9-release_5536
178.249.97.98 200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/surveylogicinstance.min.js?version=10.20.1.9-release_5536
IP 178.249.97.98:0
GET /le_unified_window/10.20.1.9-release_5536/surveylogicinstance.min.js?version=10.20.1.9-release_5536 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 30 Sep 2023 06:29:03 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/main-es2015.js
162.241.60.105 200 OK 0 B URL HTTP/1.1 radiobrasilitalia.com.br/wp-content/upgrade/dashboard/info_files/main-es2015.js
IP 162.241.60.105:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/upgrade/dashboard/info_files/main-es2015.js HTTP/1.1
Host: radiobrasilitalia.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/wp-content/upgrade/dashboard/card.php?cmd=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 06:28:58 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:53:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1664519338470588
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
lptag.liveperson.net/lptag/api/account/28600839/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.101.23 200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/28600839/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.101.23:0
GET /lptag/api/account/28600839/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ui-framework.js?version=10.20.1.9-release_5536
178.249.97.98 200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ui-framework.js?version=10.20.1.9-release_5536
IP 178.249.97.98:0
GET /le_unified_window/10.20.1.9-release_5536/ui-framework.js?version=10.20.1.9-release_5536 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://radiobrasilitalia.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Sep 2022 06:29:03 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 30 Sep 2023 06:29:03 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2